Objective
- To provide information on what is needed to set up single sign-on with Miami
User
- Anyone that would like to request single sign-on with Miami using SAML
Environment
Guidelines
Request new setup
- A new setup will require an exchange of information between the vendor and IT as well as configurations implemented in our environment
- Share this article with the vendor
- Submit a request for a new setup to Miami IT Services
About our environment
- Our metadata: https://muidp.miamioh.edu/idp/shibboleth
- Our EntityID: urn:mace:incommon:muohio.edu
- InCommon: We are an InCommon member and consume the InCommon metadata
- Supported NameID formats (In preferred order):
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient (default)
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified (uses uid)
- Testing accounts: We do not provide testing accounts, but are happy to test service upon request
Our SAML requirements
- Your metadata (URL or file)
- Your desired attributes
- Your desired nameID format
- Login URL for the service
- Attribute Requester URL/URN (If different from EntityID)
- SP or IdP-initiated login? (We strongly recommend SP-initiated)
Sample assertions
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:xsd="http://www.w3.org/2001
/XMLSchema"
Destination="https://api.percipio.com/saml/login/callback?connection=saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481"
ID="_35034deb3abad0810d79c33139258ae2"
InResponseTo="_a00bdd6c8edbbd288345"
IssueInstant="2021-10-13T14:14:47.624Z"
Version="2.0"
>
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:incommon:muohio.edu</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_35034deb3abad0810d79c33139258ae2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="xsd"
/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>SYFX9SsIKtZhMNF8v6bUhoqsYWt1H6Tt9Flp/Vo12kE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Gm1GQ+gxwVEXEG2SU/1IXf9vgLvubrYsRMos0GF41WvOw4EpAJeEAvOc8bqNL5+OOh656vQ34/2yp+YSXGZH1+VHhK4RTBUUAfz948RHqVOSasyG2lVaPPPfHt45RS2aVmDewhrbOd0PDC8TSV+Eas53MalrqNIqaHzzJw5bDa0r1171PWhpb4RjkxXccKRivOD6TFGHeEsHSfRUFNiZ4rkw8T29q5VMyzx+1qa1ACv3E/kOg4QXDz7+6C8kSV5eLDMZuZ9KMIU1S2EjqIcSyGkKPfFW/O2yt86HoYwvFCzBbB1mPlou3+5KM68IqcVdpfz2jR1rI2tuY/Etf5SAsg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX
BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb
MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj
6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg
VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O
Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB
ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk
cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD
VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0
1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa
N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN
lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11
hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr
u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
ID="_5a1b333c00834c5fff4321d8d21ab238"
IssueInstant="2021-10-13T14:14:47.624Z"
Version="2.0"
>
<saml2:Issuer>urn:mace:incommon:muohio.edu</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_5a1b333c00834c5fff4321d8d21ab238">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="xsd"
/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>ksC1ULNJukUG/aPnj6rdPwLBpoxV9RCDNlk88LbqQz4=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>PDNc/HAmdN3/a6xrqhzRlYhSOUEqLERkSqv1hmIdW/aWTaorkQ46s+F1oSruzsFUt0SKgdQKTe9YXl48kOUHOWV18NAomRvBoOgTjCgQalCIErJWS2q3c5AolHouw9ttHzr7gXlhuUvCc/mRB1nFYsAwgxogalxgZaqCVha4irxnVy50Bn9HOkD/3xCT7jW61ZUxjvHD84Vvqok/Bhu7fx9svgC5rcHy+qARf9c5a6g+1L2k7OnN5k5DV+JagR+taijwSq+RFwBQLeHi79MgK6CJp0BvYSUi+lF93/7A9slDYO6GOJRaVKizzs44JvmcQKh1z0VKkyc3dbzErsnTBQ==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX
BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb
MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj
6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg
VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O
Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB
ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk
cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD
VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0
1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa
N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN
lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11
hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr
u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
NameQualifier="urn:mace:incommon:muohio.edu"
SPNameQualifier="urn:percipio:prod:saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481"
>AAdzZWNyZXQx+mBRlBuObPpsmVzPD9Sv4EjyGwY1OwW2wo2524Gyc3sjr6bQBnaGaCbpistSKpjIWh+3hHunsKEFdSitZSTwc+aZ0pEOAQJaJvs2P0LmyjZHW0SuQmKwcXQCfQQBaLAnytaZOKS2N5f8QN/HzqKMYcSzX1QnAlgvoYS/sODSaJ4XUH+7H2rJysoAKXZu5g==</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData Address="10.8.32.62"
InResponseTo="_a00bdd6c8edbbd288345"
NotOnOrAfter="2021-10-13T14:19:47.628Z"
Recipient="https://api.percipio.com/saml/login/callback?connection=saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481"
/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2021-10-13T14:14:47.624Z"
NotOnOrAfter="2021-10-13T14:19:47.624Z"
>
<saml2:AudienceRestriction>
<saml2:Audience>urn:percipio:prod:saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement AuthnInstant="2021-10-13T14:14:47.548Z"
SessionIndex="_40e9f1653eeabe70b1ccbcff2e1a320c"
>
<saml2:SubjectLocality Address="10.8.32.62" />
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
<saml2:AttributeStatement>
<saml2:Attribute FriendlyName="uid"
Name="urn:oid:0.9.2342.19200300.100.1.1"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>wardtd</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="displayName"
Name="urn:oid:2.16.840.1.113730.3.1.241"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>Tim Ward</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="muohioeduDepartment"
Name="urn:mace:dir:attribute-def:muohioeduDepartment"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>Information Technology Services</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="sn"
Name="urn:oid:2.5.4.4"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>Ward</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="mail"
Name="urn:oid:0.9.2342.19200300.100.1.3"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue>wardtd@miamioh.edu</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml2:Assertion>
</saml2p:Response>
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
<saml2p:Response Destination="https://prod-api.examsoft.io/saml/SSO"
ID="_13a770e13cc17d65cff07c9e8bdcc466"
InResponseTo="ag274dgec936i1he2f02100d19a90"
IssueInstant="2021-10-13T14:21:29.978Z"
Version="2.0"
xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:incommon:muohio.edu</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_13a770e13cc17d65cff07c9e8bdcc466">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="xsd"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>7uLKAm21Tcx9QPSs42oxWhr1xDRWJvtaw4T5zF/mC+g=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>aHtJoTpLIfSPacqayH2aM7+K8tDmZz6vtxOlD+KI0CiIg3b3M4Tl+zMH6b1yc5lx4ZRQXVATmZxmAM0KJL/VpuUu2rTsbTKsr4+tOOxNFWnTJRaTucMFpGIMZVN3XCxyjgDgeHq+FvUxwpz7v+kGm0B5IR0JmeAhvHZBayHzCwXqVKv5B4EiWkggiYykDxotyFm1VjU/uxYIKT4vlsdYrKimlEZHGt3Kdecu1cJjHYlaSbLskwYJWNzLlpDpYBr+GDc1cRvqEvyKtwPkZHVxI4UdzmODzE+Mg56oiLTcHYXwFRaf5bw9+rr6UqEkAuuLqfyap1vHGFPAkJW843EXqQ==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX
BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb
MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj
6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg
VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O
Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB
ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk
cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD
VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0
1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa
N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN
lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11
hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr
u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</saml2p:Status>
<saml2:Assertion ID="_f609dc840af5aee3de637387b311556c"
IssueInstant="2021-10-13T14:21:29.978Z"
Version="2.0"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>
<saml2:Issuer>urn:mace:incommon:muohio.edu</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_f609dc840af5aee3de637387b311556c">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="xsd"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>sAICMCz4XGPjxDYqvPpg4O3/e+MNrY+MCWiY5LmERlQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>bFTUysTcflKkTvcXr/dob0PgylwQc5NlLr2OkYDpTBTUDf0Al3/EvrQPQu1cENdCYeM0V5LWs48lXiZN1MU0OYUAsN8/IrTBwZtsICJUzekuqWlVJbliR76Aqdet+XR5xm1P7Pq4ERZSxzlKoOrUqTBOT8W+1VZSCJ5eNYLFQlmcbpJjK00aYx/np9PFqaopkBkpLY/NmCgKBRtNxu+SUpZs+mivUHwLhOQx5779X+Au0QAuqb73yKF64GmFHWNaaR9keE5RJBoib2eSfGMuRD4paHzYsSbwICCRW9Cs5A1T7/4XElkgn1PlQlHlUbuL+44jAh6cAX7SMgHV81gURw==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX
BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb
MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj
6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg
VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O
Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB
ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk
cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD
VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0
1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa
N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN
lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11
hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr
u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
NameQualifier="urn:mace:incommon:muohio.edu"
SPNameQualifier="https://prod-api.examsoft.io"
>olayasa@miamioh.edu</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData Address="10.8.32.182"
InResponseTo="ag274dgec936i1he2f02100d19a90"
NotOnOrAfter="2021-10-13T14:26:29.981Z"
Recipient="https://prod-api.examsoft.io/saml/SSO"
/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2021-10-13T14:21:29.978Z"
NotOnOrAfter="2021-10-13T14:26:29.978Z"
>
<saml2:AudienceRestriction>
<saml2:Audience>https://prod-api.examsoft.io</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement AuthnInstant="2021-10-13T14:21:29.946Z"
SessionIndex="_4b43bfe028d2073e522a4e1ecddc5d49"
>
<saml2:SubjectLocality Address="10.8.32.182" />
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
<saml2:AttributeStatement>
<saml2:Attribute FriendlyName="mail"
Name="urn:oid:0.9.2342.19200300.100.1.3"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue>olayasa@miamioh.edu</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="eduPersonPrincipalName"
Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>olayasa@miamioh.edu</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="mail"
Name="urn:oid:0.9.2342.19200300.100.1.3"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue>olayasa@miamioh.edu</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml2:Assertion>
</saml2p:Response>
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
Destination="https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2/login/f9ce9c97-2fde-40f3-998a-5818234de781"
ID="_903f04b75164d9366b962c3b464d4ca8"
InResponseTo="_e754269c-fd37-4972-b1cf-85713d15940b"
IssueInstant="2021-10-13T14:18:26.501Z"
Version="2.0"
>
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:incommon:muohio.edu</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_903f04b75164d9366b962c3b464d4ca8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="xsd"
/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>JTZL/04TliJNtgUwNBsJ32u7NGBh1PMXbo9Vuj7mTQU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Sj7KIpsbEQUOO5z5/+jjh1o87Eb8mDjk+bEe7tjK+aw+wdUVDoY9O4tPWX/Tcf7YW/+ynhVOgKZWtV2TQdN2aT0Qj60YfVpmDSwz3pXOeL63Tw4F38NPuSQcrF9D4LQvk8Yvkd7hLbeL5cGz4qaxO3o9DWcCNv0jtriR+myiPnOT/AnVW+mPsfSFJ88JZmh2gaUH+oosoGHZNzxBavxDvqdx1aurWEh9DxIyAzwfgKTASBQ324ZoIr0RFyXzCmKpbH3Bk4MFcSIDefJBmH4AtN3wZdiD/wANmh+rjdJV7iIIDxEn0beqTHzUTeaYiFGmQ88gRxmT/9M2R/yIWBFYGg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX
BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb
MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj
6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg
VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O
Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB
ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk
cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD
VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0
1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa
N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN
lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11
hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr
u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
ID="_756cd3fb9e44d6feb72c48fc3c0a1d6c"
IssueInstant="2021-10-13T14:18:26.501Z"
Version="2.0"
>
<saml2:Issuer>urn:mace:incommon:muohio.edu</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_756cd3fb9e44d6feb72c48fc3c0a1d6c">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="xsd"
/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>L9qYNtcE0BizvZf3UmaUL8Z4ZXnFALvBTVThQ6MPdTU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>K8LrRuztP4eIQqP6FCLyCp51c7BxV/0GtEV7WLVr1pLi0eXKDcG8wjVSU28uYQrjlrq0QVBcTfPoKqjbmq58sxr4Dd3TxCyddZWbpmNNAv8Tt3JGElkrFdg0Skb4/6RabBXoh/l+mUbrEzb2UYdojdHGEk7dLS5fhpZeR2RKDFKW0nNtjsCR3WJ7AGV9mdWnlgurSIzV0U2MtvGkLbPQgL6L+VjAOzJII5RQeL5ZcsMib8kew64V3IF1tpgfSL70xnO6ln5T3HI166XyV8rJP8LM+xMDtgXvLbp/HFkLGuLGhxpI1W6dpIM6N41N2JtVi+esHkwg+jmNo1Qf9tYfkQ==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX
BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb
MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj
6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg
VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O
Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB
ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk
cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD
VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0
1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa
N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN
lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11
hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr
u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
NameQualifier="urn:mace:incommon:muohio.edu"
SPNameQualifier="https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2"
>millsjm5</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData Address="10.8.32.168"
InResponseTo="_e754269c-fd37-4972-b1cf-85713d15940b"
NotOnOrAfter="2021-10-13T14:23:26.516Z"
Recipient="https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2/login/f9ce9c97-2fde-40f3-998a-5818234de781"
/>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2021-10-13T14:18:26.501Z"
NotOnOrAfter="2021-10-13T14:23:26.501Z"
>
<saml2:AudienceRestriction>
<saml2:Audience>https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement AuthnInstant="2021-10-13T14:18:26.355Z"
SessionIndex="_328c1c64a086947d503dd7347b0b269c"
>
<saml2:SubjectLocality Address="10.8.32.168" />
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
<saml2:AttributeStatement>
<saml2:Attribute FriendlyName="uid"
Name="urn:oid:0.9.2342.19200300.100.1.1"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>millsjm5</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="mail"
Name="urn:oid:0.9.2342.19200300.100.1.3"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue>millsjm5@miamioh.edu</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="givenName"
Name="urn:oid:2.5.4.42"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>Joe</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute FriendlyName="sn"
Name="urn:oid:2.5.4.4"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
>
<saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>Mills</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml2:Assertion>
</saml2p:Response>