ansible-roles/roles/zabbix_server/templates/saml_metadata.xml.j2

<?xml version="1.0" encoding="utf-8"?>
<EntityDescriptor entityID="{{ zabbix_server_public_url }}" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{ zabbix_server_public_url | regex_replace('/$', '') }}/index_sso.php?acs" index="0" />
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{ zabbix_server_public_url | regex_replace('/$', '') }}/index_sso.php?sls" />
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
    <KeyDescriptor use="signing">
      <ds:KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>{{ zabbix_server_saml_sp_cert.stdout }}</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </KeyDescriptor>
  </SPSSODescriptor>
  <Organization>
    <OrganizationName xml:lang="en">{{ ansible_domain }}</OrganizationName>
    <OrganizationDisplayName xml:lang="en">Zabbix {{ ansible_domain }}</OrganizationDisplayName>
    <OrganizationURL xml:lang="en">{{ zabbix_server_public_url }}</OrganizationURL>
  </Organization>
  <ContactPerson contactType="administrative">
    <GivenName>System Administrator</GivenName>
    <EmailAddress>{{ system_admin_email | default('admin@' ~ ansible_domain) }}</EmailAddress>
  </ContactPerson>
</EntityDescriptor>
Update to 2022-03-21 17:00 2022-03-21 17:00:07 +01:00			`<?xml version="1.0" encoding="utf-8"?>`
			`<EntityDescriptor entityID="{{ zabbix_server_public_url }}" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">`
			`<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">`
			`<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="{{ zabbix_server_public_url \| regex_replace('/$', '') }}/index_sso.php?acs" index="0" />`
			`<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="{{ zabbix_server_public_url \| regex_replace('/$', '') }}/index_sso.php?sls" />`
			`<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>`
			`<KeyDescriptor use="signing">`
			`<ds:KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">`
			`<ds:X509Data>`
			`<ds:X509Certificate>{{ zabbix_server_saml_sp_cert.stdout }}</ds:X509Certificate>`
			`</ds:X509Data>`
			`</ds:KeyInfo>`
			`</KeyDescriptor>`
			`</SPSSODescriptor>`
			`<Organization>`
			`<OrganizationName xml:lang="en">{{ ansible_domain }}</OrganizationName>`
			`<OrganizationDisplayName xml:lang="en">Zabbix {{ ansible_domain }}</OrganizationDisplayName>`
			`<OrganizationURL xml:lang="en">{{ zabbix_server_public_url }}</OrganizationURL>`
			`</Organization>`
			`<ContactPerson contactType="administrative">`
			`<GivenName>System Administrator</GivenName>`
			`<EmailAddress>{{ system_admin_email \| default('admin@' ~ ansible_domain) }}</EmailAddress>`
			`</ContactPerson>`
			`</EntityDescriptor>`