Metadata Sample for Department Users with Auto-Provisioning

When using the XML metadata sample provided below, replace the variable values. For more information about these values, see Configuring Single Sign-On for SAML 2.0 Systems and Post Configuration.

Metadata Sample

  <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" entityID="https://tmdeve36704536int.b2clogin.com/tmdeve36704536int.onmicrosoft.com/B2C_1A_Gateway_Base">    

<ds:Signature>...</ds:Signature>    

<SPSSODescriptor AuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">       

<KeyDescriptor use="signing">          

<ds:KeyInfo>             

<ds:X509Data>                

<ds:X509Certificate>ServiceProvider.com SSO Key</ds:X509Certificate>             

</ds:X509Data>          

</ds:KeyInfo>       

</KeyDescriptor>       

<KeyDescriptor use="encryption">          

<ds:KeyInfo>             

<ds:X509Data>                

<ds:X509Certificate>ServiceProvider.com Encrypt Key</ds:X509Certificate>             

</ds:X509Data>          

</ds:KeyInfo>          

<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa- 1_5" />       

</KeyDescriptor>       

<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=" https://anyserver.com/SAML/SLO/Browser" />       

<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>       

<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tmdeve36704536int.b2clogin.com/tmdeve36704536int.onmicrosoft.com/B2C_1A_User_TrustFrameworkBase/samlp/sso/assertionconsumer" index="0" />       

<AttributeConsumingService index="1">          

<ServiceName xml:lang="en-US">eGain</ServiceName>          

<RequestedAttribute Name="application_type">

<saml:AttributeValue>Application Type</saml:AttributeValue>

</RequestedAttribute>

<RequestedAttribute Name="user_name">

<saml:AttributeValue>User name</saml:AttributeValue>          

</RequestedAttribute>          

<RequestedAttribute Name="department">             

<saml:AttributeValue> Department name</saml:AttributeValue>          

</RequestedAttribute>          

<RequestedAttribute Name="firstName">             

<saml:AttributeValue>User first name</saml:AttributeValue>          

</RequestedAttribute>          

<RequestedAttribute Name="lastName">             

<saml:AttributeValue> User last name</saml:AttributeValue>          

</RequestedAttribute>          

<RequestedAttribute Name="screenName">             

<saml:AttributeValue>User screen name</saml:AttributeValue>          

</RequestedAttribute>

<RequestedAttribute Name="user.groups">

<saml:AttributeValue>Comma-separated values of existing user groups in the department of the user. </saml:AttributeValue>          

</RequestedAttribute>             

</AttributeConsumingService>    

</SPSSODescriptor> </EntityDescriptor>