An asterisk * in the title indicates the field is mandatory.
If a field has a default value, it is shown in the Description column.
If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
Object and array field names are listed to provide context. If a field belongs to an object or an array, the full field name is shown in dot separated notation.

Title					Description	Details
Entity Id					Usually your subdomain plus the url to the metadata	Field Name: entity_id Type: String
Service Provider Settings					Defines the settings that apply to the system when used as a Service Provider	Field Name: sp Type: Object
	Name *				A friendly identifier for the Service Provider	Field Name: sp.name Type: String
	Sign Authn Requests				Determines whether outgoing authentication messages will be signed. If so, the specified private key will be used. This attribute is false by default. If one of your identity providers has WantAuthnRequestsSigned set in its meta data, this attribute should be set to true.	Field Name: sp.authn_requests_signed Type: Boolean
	SignatureMethod				Set the SignatureMethod of the authentication request. Only used when 'Sign Authn Requests' is enabled. Defaults to rsa-sha1. Default: rsa-sha1	Field Name: sp.request_signature_method Type: String Default: rsa-sha1 Choices: ["rsa-sha1", "rsa-sha224", "rsa-sha256", "rsa-sha384", "rsa-sha512"]
	DigestMethod				Set the DigestMethod of the authentication request. Only used when 'Sign Authn Requests' is enabled. Defaults to sha1. Default: sha1	Field Name: sp.request_digest_method Type: String Default: sha1 Choices: ["sha1", "sha224", "sha256", "sha384", "sha512"]
	Want Assertions Signed				Determines whether assertions should be signed. Don't set this attribute to false unless you are sure that checking the integrity of the assertions is not needed in your environment.	Field Name: sp.want_assertions_signed Type: Boolean
	Want Reponse Signed				Determines whether responses should be signed. Don't set this to true unless you are sure that all Identity Providers do sign responses.	Field Name: sp.want_response_signed Type: Boolean
	End Points				Specifies the various end points that provide an external interface to the service provider.	Field Name: endpoints Type: Object
			Assertion Consumer Service			Field Name: assertion_consumer_service.[n] Type: Array
				Binding *	Determines how SAML requests and responses map onto standard messaging or communications protocols.	Field Name: sp.endpoints.assertion_consumer_service.[n].binding Type: String Choices: ["HTTP-POST"]
				URL *		Field Name: sp.endpoints.assertion_consumer_service.[n].url Type: String
			Single Logout Service			Field Name: single_logout_service.[n] Type: Array
				Binding *	Determines how SAML requests and responses map onto standard messaging or communications protocols.	Field Name: sp.endpoints.single_logout_service.[n].binding Type: String Choices: ["HTTP-REDIRECT"]
				URL *		Field Name: sp.endpoints.single_logout_service.[n].url Type: String
		Required Attributes			Additional attributes required to identify a user	Field Name: required_attributes.[n] Type: Array
Use Custom Certificate for Signing					Indicates if previously uploaded public/private keys must be used for signing. If true, the 'Public Key' and 'Private Key' fields are required. If false, a system-generated Public/Private key pair is used.	Field Name: use_custom_cert_for_signing Type: Boolean
System Generated Certificate					A reference to the data/Certificate instance that contains the system generated certificate to be used.	Field Name: system_cert Type: String Target: data/Certificate Format: uri
Private Key					The private key that is used for signing AuthnRequests	Field Name: key_file Type: String Target: data/File Format: uri
Public Key					The public key that should be used for decrypting signed AuthnRequests	Field Name: cert_file Type: String Target: data/File Format: uri
Validity (Hours)					The number of hours for which the metadata is valid for	Field Name: valid_for Type: Integer
Accepted Time Difference (seconds)					The maximum acceptable difference in clock times (in seconds) between this system and any IDP.	Field Name: accepted_time_diff Type: Integer
	Contact Person				Service Provider contact details	Field Name: contact_person.[n] Type: Array
		First Name			Contact's first name	Field Name: contact_person.[n].givenname Type: String
		Last Name			Contact's last name	Field Name: contact_person.[n].surname Type: String
		Company			Contact's company	Field Name: contact_person.[n].company Type: String
		Email Address			Contact's email address	Field Name: contact_person.[n].email_address Type: String
		Contact Type			Type of contact	Field Name: contact_person.[n].contact_type Type: String
Block unencrypted assertions					Block unencrypted assertions	Field Name: block_unencrypted_assertions Type: Boolean

Model: data/SsoSettings

Model Details: data/SsoSettings