SAML / Guide: Integration info for vendors

Body

Objective

  • To provide information on what is needed to set up single sign-on with Miami 

User

  • Anyone that would like to request single sign-on with Miami using SAML

Environment

  • 10357: Shibboleth
    • Shibboleth GUI

Guidelines

Request new setup

  • A new setup will require an exchange of information between the vendor and IT as well as configurations implemented in our environment
  • Share this article with the vendor
  • Submit a request for a new setup to Miami IT Services

 

About our environment

  • Our metadata: https://muidp.miamioh.edu/idp/shibboleth
  • Our EntityID: urn:mace:incommon:muohio.edu
  • InCommon: We are an InCommon member and consume the InCommon metadata 
  • Supported NameID formats (In preferred order): 
    • urn:oasis:names:tc:SAML:2.0:nameid-format:transient (default)
    • urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
    • urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified (uses uid)
  • Testing accounts: We do not provide testing accounts, but are happy to test service upon request

 

Our SAML requirements

  • Your metadata (URL or file)
  • Your desired attributes
  • Your desired nameID format
  • Login URL for the service
  • Attribute Requester URL/URN (If different from EntityID)
  • SP or IdP-initiated login? (We strongly recommend SP-initiated)

 

Sample assertions

urn:oasis:names:tc:SAML:2.0:nameid-format:transient

<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"

                 xmlns:xsd="http://www.w3.org/2001

/XMLSchema"

                 Destination="https://api.percipio.com/saml/login/callback?connection=saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481"

                 ID="_35034deb3abad0810d79c33139258ae2"

                 InResponseTo="_a00bdd6c8edbbd288345"

                 IssueInstant="2021-10-13T14:14:47.624Z"

                 Version="2.0"

                 >

    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:incommon:muohio.edu</saml2:Issuer>

    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

        <ds:SignedInfo>

            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

            <ds:Reference URI="#_35034deb3abad0810d79c33139258ae2">

                <ds:Transforms>

                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">

                        <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"

                                                PrefixList="xsd"

                                                />

                    </ds:Transform>

                </ds:Transforms>

                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                <ds:DigestValue>SYFX9SsIKtZhMNF8v6bUhoqsYWt1H6Tt9Flp/Vo12kE=</ds:DigestValue>

            </ds:Reference>

        </ds:SignedInfo>

        <ds:SignatureValue>Gm1GQ+gxwVEXEG2SU/1IXf9vgLvubrYsRMos0GF41WvOw4EpAJeEAvOc8bqNL5+OOh656vQ34/2yp+YSXGZH1+VHhK4RTBUUAfz948RHqVOSasyG2lVaPPPfHt45RS2aVmDewhrbOd0PDC8TSV+Eas53MalrqNIqaHzzJw5bDa0r1171PWhpb4RjkxXccKRivOD6TFGHeEsHSfRUFNiZ4rkw8T29q5VMyzx+1qa1ACv3E/kOg4QXDz7+6C8kSV5eLDMZuZ9KMIU1S2EjqIcSyGkKPfFW/O2yt86HoYwvFCzBbB1mPlou3+5KM68IqcVdpfz2jR1rI2tuY/Etf5SAsg==</ds:SignatureValue>

        <ds:KeyInfo>

            <ds:X509Data>

                <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX

BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb

MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj

6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg

VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O

Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB

ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk

cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD

VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0

1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa

N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN

lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11

hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr

u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>

            </ds:X509Data>

        </ds:KeyInfo>

    </ds:Signature>

    <saml2p:Status>

        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />

    </saml2p:Status>

    <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"

                     xmlns:xsd="http://www.w3.org/2001/XMLSchema"

                     ID="_5a1b333c00834c5fff4321d8d21ab238"

                     IssueInstant="2021-10-13T14:14:47.624Z"

                     Version="2.0"

                     >

        <saml2:Issuer>urn:mace:incommon:muohio.edu</saml2:Issuer>

        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

            <ds:SignedInfo>

                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

                <ds:Reference URI="#_5a1b333c00834c5fff4321d8d21ab238">

                    <ds:Transforms>

                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">

                            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"

                                                    PrefixList="xsd"

                                                    />

                        </ds:Transform>

                    </ds:Transforms>

                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                    <ds:DigestValue>ksC1ULNJukUG/aPnj6rdPwLBpoxV9RCDNlk88LbqQz4=</ds:DigestValue>

                </ds:Reference>

            </ds:SignedInfo>

            <ds:SignatureValue>PDNc/HAmdN3/a6xrqhzRlYhSOUEqLERkSqv1hmIdW/aWTaorkQ46s+F1oSruzsFUt0SKgdQKTe9YXl48kOUHOWV18NAomRvBoOgTjCgQalCIErJWS2q3c5AolHouw9ttHzr7gXlhuUvCc/mRB1nFYsAwgxogalxgZaqCVha4irxnVy50Bn9HOkD/3xCT7jW61ZUxjvHD84Vvqok/Bhu7fx9svgC5rcHy+qARf9c5a6g+1L2k7OnN5k5DV+JagR+taijwSq+RFwBQLeHi79MgK6CJp0BvYSUi+lF93/7A9slDYO6GOJRaVKizzs44JvmcQKh1z0VKkyc3dbzErsnTBQ==</ds:SignatureValue>

            <ds:KeyInfo>

                <ds:X509Data>

                    <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX

BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb

MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj

6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg

VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O

Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB

ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk

cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD

VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0

1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa

N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN

lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11

hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr

u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>

                </ds:X509Data>

            </ds:KeyInfo>

        </ds:Signature>

        <saml2:Subject>

            <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"

                          NameQualifier="urn:mace:incommon:muohio.edu"

                          SPNameQualifier="urn:percipio:prod:saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481"

                          >AAdzZWNyZXQx+mBRlBuObPpsmVzPD9Sv4EjyGwY1OwW2wo2524Gyc3sjr6bQBnaGaCbpistSKpjIWh+3hHunsKEFdSitZSTwc+aZ0pEOAQJaJvs2P0LmyjZHW0SuQmKwcXQCfQQBaLAnytaZOKS2N5f8QN/HzqKMYcSzX1QnAlgvoYS/sODSaJ4XUH+7H2rJysoAKXZu5g==</saml2:NameID>

            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">

                <saml2:SubjectConfirmationData Address="10.8.32.62"

                                               InResponseTo="_a00bdd6c8edbbd288345"

                                               NotOnOrAfter="2021-10-13T14:19:47.628Z"

                                               Recipient="https://api.percipio.com/saml/login/callback?connection=saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481"

                                               />

            </saml2:SubjectConfirmation>

        </saml2:Subject>

        <saml2:Conditions NotBefore="2021-10-13T14:14:47.624Z"

                          NotOnOrAfter="2021-10-13T14:19:47.624Z"

                          >

            <saml2:AudienceRestriction>

                <saml2:Audience>urn:percipio:prod:saml-967888e6-bdca-404f-adb7-df0eb5c2ac37-1632836313481</saml2:Audience>

            </saml2:AudienceRestriction>

        </saml2:Conditions>

        <saml2:AuthnStatement AuthnInstant="2021-10-13T14:14:47.548Z"

                              SessionIndex="_40e9f1653eeabe70b1ccbcff2e1a320c"

                              >

            <saml2:SubjectLocality Address="10.8.32.62" />

            <saml2:AuthnContext>

                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>

            </saml2:AuthnContext>

        </saml2:AuthnStatement>

        <saml2:AttributeStatement>

            <saml2:Attribute FriendlyName="uid"

                             Name="urn:oid:0.9.2342.19200300.100.1.1"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >wardtd</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="displayName"

                             Name="urn:oid:2.16.840.1.113730.3.1.241"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >Tim Ward</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="muohioeduDepartment"

                             Name="urn:mace:dir:attribute-def:muohioeduDepartment"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >Information Technology Services</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="sn"

                             Name="urn:oid:2.5.4.4"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >Ward</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="mail"

                             Name="urn:oid:0.9.2342.19200300.100.1.3"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue>wardtd@miamioh.edu</saml2:AttributeValue>

            </saml2:Attribute>

        </saml2:AttributeStatement>

    </saml2:Assertion>

</saml2p:Response>

 

 

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress 

<saml2p:Response Destination="https://prod-api.examsoft.io/saml/SSO"

                 ID="_13a770e13cc17d65cff07c9e8bdcc466"

                 InResponseTo="ag274dgec936i1he2f02100d19a90"

                 IssueInstant="2021-10-13T14:21:29.978Z"

                 Version="2.0"

                 xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"

                 xmlns:xsd="http://www.w3.org/2001/XMLSchema"

                 >

    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:incommon:muohio.edu</saml2:Issuer>

    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

        <ds:SignedInfo>

            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

            <ds:Reference URI="#_13a770e13cc17d65cff07c9e8bdcc466">

                <ds:Transforms>

                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">

                        <ec:InclusiveNamespaces PrefixList="xsd"

                                                xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"

                                                />

                    </ds:Transform>

                </ds:Transforms>

                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                <ds:DigestValue>7uLKAm21Tcx9QPSs42oxWhr1xDRWJvtaw4T5zF/mC+g=</ds:DigestValue>

            </ds:Reference>

        </ds:SignedInfo>

        <ds:SignatureValue>aHtJoTpLIfSPacqayH2aM7+K8tDmZz6vtxOlD+KI0CiIg3b3M4Tl+zMH6b1yc5lx4ZRQXVATmZxmAM0KJL/VpuUu2rTsbTKsr4+tOOxNFWnTJRaTucMFpGIMZVN3XCxyjgDgeHq+FvUxwpz7v+kGm0B5IR0JmeAhvHZBayHzCwXqVKv5B4EiWkggiYykDxotyFm1VjU/uxYIKT4vlsdYrKimlEZHGt3Kdecu1cJjHYlaSbLskwYJWNzLlpDpYBr+GDc1cRvqEvyKtwPkZHVxI4UdzmODzE+Mg56oiLTcHYXwFRaf5bw9+rr6UqEkAuuLqfyap1vHGFPAkJW843EXqQ==</ds:SignatureValue>

        <ds:KeyInfo>

            <ds:X509Data>

                <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX

BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb

MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj

6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg

VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O

Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB

ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk

cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD

VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0

1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa

N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN

lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11

hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr

u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>

            </ds:X509Data>

        </ds:KeyInfo>

    </ds:Signature>

    <saml2p:Status>

        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />

    </saml2p:Status>

    <saml2:Assertion ID="_f609dc840af5aee3de637387b311556c"

                     IssueInstant="2021-10-13T14:21:29.978Z"

                     Version="2.0"

                     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"

                     xmlns:xsd="http://www.w3.org/2001/XMLSchema"

                     >

        <saml2:Issuer>urn:mace:incommon:muohio.edu</saml2:Issuer>

        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

            <ds:SignedInfo>

                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

                <ds:Reference URI="#_f609dc840af5aee3de637387b311556c">

                    <ds:Transforms>

                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">

                            <ec:InclusiveNamespaces PrefixList="xsd"

                                                    xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"

                                                    />

                        </ds:Transform>

                    </ds:Transforms>

                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                    <ds:DigestValue>sAICMCz4XGPjxDYqvPpg4O3/e+MNrY+MCWiY5LmERlQ=</ds:DigestValue>

                </ds:Reference>

            </ds:SignedInfo>

            <ds:SignatureValue>bFTUysTcflKkTvcXr/dob0PgylwQc5NlLr2OkYDpTBTUDf0Al3/EvrQPQu1cENdCYeM0V5LWs48lXiZN1MU0OYUAsN8/IrTBwZtsICJUzekuqWlVJbliR76Aqdet+XR5xm1P7Pq4ERZSxzlKoOrUqTBOT8W+1VZSCJ5eNYLFQlmcbpJjK00aYx/np9PFqaopkBkpLY/NmCgKBRtNxu+SUpZs+mivUHwLhOQx5779X+Au0QAuqb73yKF64GmFHWNaaR9keE5RJBoib2eSfGMuRD4paHzYsSbwICCRW9Cs5A1T7/4XElkgn1PlQlHlUbuL+44jAh6cAX7SMgHV81gURw==</ds:SignatureValue>

            <ds:KeyInfo>

                <ds:X509Data>

                    <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX

BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb

MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj

6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg

VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O

Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB

ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk

cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD

VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0

1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa

N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN

lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11

hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr

u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>

                </ds:X509Data>

            </ds:KeyInfo>

        </ds:Signature>

        <saml2:Subject>

            <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

                          NameQualifier="urn:mace:incommon:muohio.edu"

                          SPNameQualifier="https://prod-api.examsoft.io"

                          >olayasa@miamioh.edu</saml2:NameID>

            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">

                <saml2:SubjectConfirmationData Address="10.8.32.182"

                                               InResponseTo="ag274dgec936i1he2f02100d19a90"

                                               NotOnOrAfter="2021-10-13T14:26:29.981Z"

                                               Recipient="https://prod-api.examsoft.io/saml/SSO"

                                               />

            </saml2:SubjectConfirmation>

        </saml2:Subject>

        <saml2:Conditions NotBefore="2021-10-13T14:21:29.978Z"

                          NotOnOrAfter="2021-10-13T14:26:29.978Z"

                          >

            <saml2:AudienceRestriction>

                <saml2:Audience>https://prod-api.examsoft.io</saml2:Audience>

            </saml2:AudienceRestriction>

        </saml2:Conditions>

        <saml2:AuthnStatement AuthnInstant="2021-10-13T14:21:29.946Z"

                              SessionIndex="_4b43bfe028d2073e522a4e1ecddc5d49"

                              >

            <saml2:SubjectLocality Address="10.8.32.182" />

            <saml2:AuthnContext>

                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>

            </saml2:AuthnContext>

        </saml2:AuthnStatement>

        <saml2:AttributeStatement>

            <saml2:Attribute FriendlyName="mail"

                             Name="urn:oid:0.9.2342.19200300.100.1.3"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue>olayasa@miamioh.edu</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="eduPersonPrincipalName"

                             Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >olayasa@miamioh.edu</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="mail"

                             Name="urn:oid:0.9.2342.19200300.100.1.3"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue>olayasa@miamioh.edu</saml2:AttributeValue>

            </saml2:Attribute>

        </saml2:AttributeStatement>

    </saml2:Assertion>

</saml2p:Response>

 

urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified 

<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"

                 xmlns:xsd="http://www.w3.org/2001/XMLSchema"

                 Destination="https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2/login/f9ce9c97-2fde-40f3-998a-5818234de781"

                 ID="_903f04b75164d9366b962c3b464d4ca8"

                 InResponseTo="_e754269c-fd37-4972-b1cf-85713d15940b"

                 IssueInstant="2021-10-13T14:18:26.501Z"

                 Version="2.0"

                 >

    <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:incommon:muohio.edu</saml2:Issuer>

    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

        <ds:SignedInfo>

            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

            <ds:Reference URI="#_903f04b75164d9366b962c3b464d4ca8">

                <ds:Transforms>

                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">

                        <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"

                                                PrefixList="xsd"

                                                />

                    </ds:Transform>

                </ds:Transforms>

                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                <ds:DigestValue>JTZL/04TliJNtgUwNBsJ32u7NGBh1PMXbo9Vuj7mTQU=</ds:DigestValue>

            </ds:Reference>

        </ds:SignedInfo>

        <ds:SignatureValue>Sj7KIpsbEQUOO5z5/+jjh1o87Eb8mDjk+bEe7tjK+aw+wdUVDoY9O4tPWX/Tcf7YW/+ynhVOgKZWtV2TQdN2aT0Qj60YfVpmDSwz3pXOeL63Tw4F38NPuSQcrF9D4LQvk8Yvkd7hLbeL5cGz4qaxO3o9DWcCNv0jtriR+myiPnOT/AnVW+mPsfSFJ88JZmh2gaUH+oosoGHZNzxBavxDvqdx1aurWEh9DxIyAzwfgKTASBQ324ZoIr0RFyXzCmKpbH3Bk4MFcSIDefJBmH4AtN3wZdiD/wANmh+rjdJV7iIIDxEn0beqTHzUTeaYiFGmQ88gRxmT/9M2R/yIWBFYGg==</ds:SignatureValue>

        <ds:KeyInfo>

            <ds:X509Data>

                <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX

BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb

MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj

6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg

VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O

Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB

ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk

cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD

VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0

1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa

N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN

lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11

hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr

u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>

            </ds:X509Data>

        </ds:KeyInfo>

    </ds:Signature>

    <saml2p:Status>

        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />

    </saml2p:Status>

    <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"

                     xmlns:xsd="http://www.w3.org/2001/XMLSchema"

                     ID="_756cd3fb9e44d6feb72c48fc3c0a1d6c"

                     IssueInstant="2021-10-13T14:18:26.501Z"

                     Version="2.0"

                     >

        <saml2:Issuer>urn:mace:incommon:muohio.edu</saml2:Issuer>

        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

            <ds:SignedInfo>

                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

                <ds:Reference URI="#_756cd3fb9e44d6feb72c48fc3c0a1d6c">

                    <ds:Transforms>

                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">

                            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"

                                                    PrefixList="xsd"

                                                    />

                        </ds:Transform>

                    </ds:Transforms>

                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                    <ds:DigestValue>L9qYNtcE0BizvZf3UmaUL8Z4ZXnFALvBTVThQ6MPdTU=</ds:DigestValue>

                </ds:Reference>

            </ds:SignedInfo>

            <ds:SignatureValue>K8LrRuztP4eIQqP6FCLyCp51c7BxV/0GtEV7WLVr1pLi0eXKDcG8wjVSU28uYQrjlrq0QVBcTfPoKqjbmq58sxr4Dd3TxCyddZWbpmNNAv8Tt3JGElkrFdg0Skb4/6RabBXoh/l+mUbrEzb2UYdojdHGEk7dLS5fhpZeR2RKDFKW0nNtjsCR3WJ7AGV9mdWnlgurSIzV0U2MtvGkLbPQgL6L+VjAOzJII5RQeL5ZcsMib8kew64V3IF1tpgfSL70xnO6ln5T3HI166XyV8rJP8LM+xMDtgXvLbp/HFkLGuLGhxpI1W6dpIM6N41N2JtVi+esHkwg+jmNo1Qf9tYfkQ==</ds:SignatureValue>

            <ds:KeyInfo>

                <ds:X509Data>

                    <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIVAKw5joclkRM7v8BoI/l7FWUAWuZmMA0GCSqGSIb3DQEBBQUAMBsxGTAX

BgNVBAMTEG11aWRwLm11b2hpby5lZHUwHhcNMTEwOTA2MTgxNzM3WhcNMzEwOTA2MTgxNzM3WjAb

MRkwFwYDVQQDExBtdWlkcC5tdW9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC

AQEAqb1TAe1bFQ71cuQZz4gP91bTRr8OIr9VA6lAB9L3kO5KQYx5NUBkCbKsWky7M/dbW/+Pt9tj

6pkwIEr4GDO0un36EZPi3+1Gv0Wmc2WTGA8xQVCPoUP/bd7e5H+gRF7gla5Aj7zvejARFVnw5ajg

VvTTz5YZAp7Nmw+uJLHMb6IQf+m3xpKGM/tHqZDyhmKIFD18TopyiBLnRGHwKFwxx1SqqfAzkq2O

Or5LWb6M6D4FSF0jR0OGKzl6GNi05zvRm40P+nwydCIaC/XduoWodKuUl7UkX7JaltsaEVLbpXJB

ato9Uwyif1vqXMG4oKv0JqMv0I6uzA2J9wbLhQNgjQIDAQABo2cwZTBEBgNVHREEPTA7ghBtdWlk

cC5tdW9oaW8uZWR1hidodHRwczovL211aWRwLm11b2hpby5lZHUvaWRwL3NoaWJib2xldGgwHQYD

VR0OBBYEFHletfQytS1uCV3Q3wC3ObBMfcpPMA0GCSqGSIb3DQEBBQUAA4IBAQAZUdcZLnMUQpH0

1ZtHKveuPhbjFymh5NThn5Djx83uHXJV8duDEn9+DlEBmIkJefT5IIoRtHQZDeJVk5i5DDm6MJpa

N48/EVYIlsAnJqO1d6u+ccAIRSlWyqeQPTCJ59mEsv6Va9EEO106EPvcAmzkPjkOhl1Xv1kTYkhN

lUe+lD76xgvaizZqxQNOZSohGB6JKWVgpVmNKXrG70bPFoVDW9zHQ1QMn4zgrcdIXAh35hfJ3V11

hYNAxbEJR+a6JcLx6w8sYF4hKcNMez89uunCYYDYqK0Q9zukmasDWzcclzuqiJdWWMieNGYFgQOr

u5/17okAMls3dl2RmjoQgEsN</ds:X509Certificate>

                </ds:X509Data>

            </ds:KeyInfo>

        </ds:Signature>

        <saml2:Subject>

            <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

                          NameQualifier="urn:mace:incommon:muohio.edu"

                          SPNameQualifier="https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2"

                          >millsjm5</saml2:NameID>

            <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">

                <saml2:SubjectConfirmationData Address="10.8.32.168"

                                               InResponseTo="_e754269c-fd37-4972-b1cf-85713d15940b"

                                               NotOnOrAfter="2021-10-13T14:23:26.516Z"

                                               Recipient="https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2/login/f9ce9c97-2fde-40f3-998a-5818234de781"

                                               />

            </saml2:SubjectConfirmation>

        </saml2:Subject>

        <saml2:Conditions NotBefore="2021-10-13T14:18:26.501Z"

                          NotOnOrAfter="2021-10-13T14:23:26.501Z"

                          >

            <saml2:AudienceRestriction>

                <saml2:Audience>https://account.docusign.com/organizations/98a5dafe-e23f-48f2-a019-0e23119052bc/saml2</saml2:Audience>

            </saml2:AudienceRestriction>

        </saml2:Conditions>

        <saml2:AuthnStatement AuthnInstant="2021-10-13T14:18:26.355Z"

                              SessionIndex="_328c1c64a086947d503dd7347b0b269c"

                              >

            <saml2:SubjectLocality Address="10.8.32.168" />

            <saml2:AuthnContext>

                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>

            </saml2:AuthnContext>

        </saml2:AuthnStatement>

        <saml2:AttributeStatement>

            <saml2:Attribute FriendlyName="uid"

                             Name="urn:oid:0.9.2342.19200300.100.1.1"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >millsjm5</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="mail"

                             Name="urn:oid:0.9.2342.19200300.100.1.3"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue>millsjm5@miamioh.edu</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="givenName"

                             Name="urn:oid:2.5.4.42"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >Joe</saml2:AttributeValue>

            </saml2:Attribute>

            <saml2:Attribute FriendlyName="sn"

                             Name="urn:oid:2.5.4.4"

                             NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

                             >

                <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                                      xsi:type="xsd:string"

                                      >Mills</saml2:AttributeValue>

            </saml2:Attribute>

        </saml2:AttributeStatement>

    </saml2:Assertion>

</saml2p:Response>

 

Details

Details

Article ID: 138639
Created
Wed 10/13/21 11:00 AM
Modified
Wed 11/13/24 5:06 PM
Supported Office or Community
University Community of Students, Staff, and Faculty

Related Services / Offerings

Related Services / Offerings (1)