Metadata Sample for Department Users without Auto-Provisioning
When using the XML metadata sample provided below, replace the variable values. For more information about these values, see Configuring Single Sign-On for SAML 2.0 Systems and Post Configuration.
Metadata Sample
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" entityID="https://tmdeve36704536int.b2clogin.com/tmdeve36704536int.onmicrosoft.com/B2C_1A_Gateway_Base">
<ds:Signature>...</ds:Signature>
<SPSSODescriptor AuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>ServiceProvider.com SSO Key</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>ServiceProvider.com Encrypt Key</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa- 1_5" />
</KeyDescriptor>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=" https://anyserver.com/SAML/SLO/Browser" />
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tmdeve36704536int.b2clogin.com/tmdeve36704536int.onmicrosoft.com/B2C_1A_User_TrustFrameworkBase/samlp/sso/assertionconsumer " index="0" />
<AttributeConsumingService index="1">
<ServiceName xml:lang="en-US">eGain</ServiceName>
<RequestedAttribute Name="application_type">
<saml:AttributeValue> Application Type</saml:AttributeValue>
</RequestedAttribute>
</AttributeConsumingService>
</SPSSODescriptor>
</EntityDescriptor>