KIF Metadata

The metadata describe Identity Providers (IdP) and Service Providers (SP) of the respective federation. They are updated every 24 hours.

SAML 2.0 metadata

KIF Federation Metadata

Signed Metadata: (contains all IdPs & SPs)

KIF Metadata Signer certificate: .CER format

SHA1 Fingerprint:


SHA256 Fingerprint: FD:26:9B:84:58:BB:06:6F:66:1D:31:23:F4:52:7C:F3:C3:4D:88:FE:CA:8B:C2:71:0B:3D:43:24:0B:26:0B:BD


eduGAIN Metadata

eduGAIN Metadata: (contains all IdPs & SPs)

SHA1 Fingerprint:


SHA256 Fingerprint: 1B:E3:AD:AF:99:EA:23:A5:1B:7D:82:C5:60:43:DE:38:BE:3A:A9:53:F8:C1:8F:ED:BF:D9:BE:C2:99:2C:6A:F9


Update of Federation Metadata

AAI-enabled systems in the KIF federation are requested to update the metadata at least daily. Hourly updates are strongly recommended in order to support fast propagation of metadata changes.

Instructions for configuring the above metadata with an automatic hourly refresh and signature validation based on the KIF trust anchor can be found in our SP deployment guide and the IdP deployment guide, respectively (MetadataProvider elements in the XML configuration files).

If the SP or IdP downloading metadata is behind a firewall or proxy, please be aware that the IP address of the host may change without notice. Creating IP-based filter rules is therefore discouraged, and we strongly recommend configuring the SP to use a proxy and the IdP to use a proxy instead.