All participating member federations in eduGAIN will produce and consume SAML metadata for and from eduGAIN. In particular, this metadata flow works like this:
- IdP/SP operator from a federation
- decides to opt-in for eduGAIN
- Federation operator resp. federation metadata registry
- adds the entity's metadata to the upstream federation metadata (1)
- eduGAIN MDS
- aggregates & validates upstream metadata delivered by the participating federations.
- Then signs and republishes the gathered metadata for consumption by the member federations (2)
- Individual SPs and IdPs should not consume the eduGAIN metadata directly. It is rather recommended that they consume the eduGAIN/interfederation metadata offered by their local federation.
- Federation metadata registry
- consumes the eduGAIN downstream metadata - click here for an example implementation
- Removes entities already registered with local federation
- IdP/SP operator
- ensures that the entity consumes the interfederation metadata (re)distributed by the local federation (3)