Unique Entity ID

Zoran Avtarovski

Hi Guys,

I am getting an error when I submit my generated SPMetaData file with regards to the ENity ID I am using. I know why I'm getting the error I'm just not sure what the protocols are to deal with this.  The error is:

Error(Line 1): the specified entity id https://saml.app.domain.dk is used by another service. Please choose another name.

The issue I have is we are the other service using the domain, for our OIOSAML2 config. The OIOSAML Web SSO Profile Guide says:

Deployments MUST be named via an absolute URI whose total length MUST NOT exceed 256 characters. To support having a well-known location from which metadata can be downloaded the Entity Identifier SHOULD be derived from the internet domain name of the Service Provider e.g.

     https://saml.[domain name]

I'm not sure what the protocols in this case are.  I don't want to create an entity ID that breaks convention or will cause issues down the line.

Thanks again


Hi Guys,

There has been no response on this and our kocal team at the hospital has suggested we go with https://saml3.[domain name] for the entityID but keep all the urls as are, which makes sense.

Does anybody see any issues arising if we take this approach?




Hi Zoran

Since OIOSAML3, Service Providers are no longer required to have entityId prefixed with "https://saml." according to https://migrering.nemlog-in.dk/nemlog-in-broker/sporgsmal-og-svar/oiosaml/



entityID is the ID pointing to your service, which you can change at the first line in your metadata file. In my case the previous entityID was https://[domain name].dk, and when i created the oiosaml 3 system, i got the impression i could pick whatever. I ended up with https://[domain name]2022.dk

Thanks for your feeback.

In the end we went with https://saml3.[domain.name