What to present at SAML EntityID URL?

Question

I am trying to implement a SSO that is provided by another website.

The instructions ask me to enter \"issuer\" info. Which turns out is equivalent to the EntityID U

Answer 1

The requirement is that the EntityId is a URI (not URL, in this case the difference between URIs and URLs is important). See "8.3.6 Entity Identifier" in the SAML2 Core spec.

From SAML 2.0 Specification :

8.3.6 Entity Identifier

URI: urn:oasis:names:tc:SAML:2.0:nameid-format:entity

Indicates that the content of the element is the identifier of an entity that provides SAML-based services (such as a SAML authority, requester, or responder) or is a participant in SAML profiles (such as a service provider supporting the browser SSO profile). Such an identifier can be used in the element to identify the issuer of a SAML request, response, or assertion, or within the element to make assertions about system entities that can issue SAML requests, responses, and assertions. It can also be used in other elements and attributes whose purpose is to identify a system entity in various protocol exchanges.

The syntax of such an identifier is a URI of not more than 1024 characters in length. It is RECOMMENDED that a system entity use a URL containing its own domain name to identify itself.

The NameQualifier , SPNameQualifier , and SPProvidedID attributes MUST be omitted

It is recommended that the URI is a URL that contains the domain name of the entity.

If you are to expose metadata, the EntityId is used as a well known URL for the meta data of the entity. It is not a requirement to provide meta data at all. If done, the meta data can be provided in any way possible - but the best practice is to publish it at the EntityId URL.