Viewing and Reimporting a Trusted Provider’s Metadata

You might need to reimport a trusted provider’s metadata if you learn that it has changed. The metadata changes when you change the provider to use HTTPS rather than HTTP and when you change the certificate that it is using for SSL. The steps for reimporting the metadata are similar for Liberty and SAML protocols.

NOTE:The trusted providers that are from the metadata repository cannot be reimported from this option. Go to Shared Settings > > Metadata Repositories and click on the metadata repository created to reimport the trusted provider.

  1. Click Devices > Identity Servers > Edit > [Protocol].

  2. Click the trusted provider, then click the Metadata tab.

    This page displays the current metadata the trusted provider is using.

  3. To reimport the metadata:

    1. Copy the URL in the providerID field (Liberty) or the entityID (SAML).

    2. (SAML 1.1) Paste the URL to a file, click Authentication Card, copy the Login URL to the file, then click Metadata.

    3. Click Reimport.

    4. Follow the prompts to import the metadata.

      For the metadata URL, paste in the value you copied.

      If your Administration Console is installed with your Identity Server, you need to change the protocol from HTTPS to HTTP and the port from 8443 to 8080.

  4. Confirm metadata certificates, then click Finish, or for an identity provider, click Next.

  5. (Identity Provider) Configure the card, then click Finish.

    For SAML 1.1, copy the value you saved into the Login URL.

  6. Update Identity Server.

NOTE:Reimport support is not available for SAML 1.1 and SAML 2.0 protocols.