Metadata_url for SAML should support fetching certificate information dynamically

In environments where certificates are rotated automatically every few months (Azure AD), the current strategy of fetching the metadata once and then saving it as manual settings will require refreshing it whenever the certificate is rotated.
Metadata_URL being set should cause a dynamic fetch at login time.
  • Austin Merritt
  • Nov 23 2016
  • Will not implement
  • Oct 11, 2019

    Admin Response

    Thanks for the idea!

    We currently do not have plans to implement this request. We will continue to monitor for overall community feedback. We hope you can understand.

  • Attach files
  • warren lester commented
    21 Aug, 2017 02:45pm

    We recently had an issue with annual renewal of ADFS certificates which gave rise to fingerprint inconstencies.