Metadata or a metadata endpoint URL is required when integrating with groupware (IdP) for SSO. During configuration, you need to register either a metadata file (XML) or a metadata endpoint URL.
Overview of Metadata and Metadata Endpoint URLs
Metadata
This is data that consolidates the configuration information required for SAML authentication (SSO integration). It primarily contains the following information to securely exchange authentication data between systems.
Entity ID: A unique identifier used to identify a service (IdP/SP)
Single Sign-On URL: The URL to which authentication requests are sent
Public key (certificate): Data used to verify that the transmitted data is legitimate
Metadata Endpoint URL
This is a dedicated URL that makes the configuration information (metadata) described above accessible from external systems.
Differences When Integrating SSO with Teachme Biz
If you configure the integration by uploading a metadata file, the administrator must manually re-upload a new file whenever the certificate is renewed.
If the update is not performed, SSO login will no longer be available once the certificate expires.
Related: Re-upload Metadata Following SAML Certificate Renewal (Web Browser Version)
On the other hand, if you integrate using a metadata endpoint URL, Teachme Biz will automatically retrieve the latest information from the URL even when the certificate included in the metadata is renewed.
Therefore, no manual update is required.
Frequently Asked Questions
Q. Is a certificate file different from metadata?
A. Yes, they are different.
A certificate file (.cer / .crt) is one component of metadata and contains the public key data used for verification.
A common misconfiguration is uploading only the certificate file instead of the metadata. In that case the integration cannot be completed, because the required configuration information is missing.
Be sure to register either a metadata file (XML) or a metadata endpoint URL.
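The difference between a certificate file and metadata, and the three metadata fields listed earlier, as an added example that is not Teachme Biz code: a Python check that tells a bare certificate from SAML IdP metadata and reports which fields are present. The function name `inspect_upload`, the example.com URLs and the placeholder certificate value are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: example.com URLs and a placeholder (not a real) certificate value.
SAMPLE_METADATA = b"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.com/saml">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>Q09OU1RSVUNURUQ=</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.com/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def inspect_upload(data: bytes) -> dict:
    """Tell a bare certificate from SAML IdP metadata and list the metadata fields."""
    head = data.lstrip()
    # PEM header, or 0x30 (the DER SEQUENCE tag) that opens a binary .cer/.crt file.
    if head.startswith(b"-----BEGIN CERTIFICATE-----") or head[:1] == b"\x30":
        return {"kind": "certificate", "missing": ["entity_id", "sso_urls"]}
    # Refuse DTDs: metadata does not need them, and this avoids entity-expansion issues.
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        return {"kind": "rejected", "missing": []}
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return {"kind": "unknown", "missing": []}
    idp = root.find("md:IDPSSODescriptor", NS)
    if root.tag != "{%s}EntityDescriptor" % NS["md"] or idp is None:
        return {"kind": "unknown", "missing": []}
    fields = {
        "entity_id": root.get("entityID"),
        "sso_urls": [e.get("Location") for e in idp.findall("md:SingleSignOnService", NS)],
        # Strip the line breaks that base64 certificate bodies usually carry.
        "certificates": ["".join(c.text.split())
                         for c in idp.findall(".//ds:X509Certificate", NS) if c.text],
    }
    missing = [name for name, value in fields.items() if not value]
    return {"kind": "metadata", "missing": missing, **fields}


if __name__ == "__main__":
    print(inspect_upload(SAMPLE_METADATA))
```

A result of kind `certificate` corresponds to the misconfiguration described in the FAQ: the public key is present, but the entity ID and Single Sign-On URL are not.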