SAML IdP metadata (XML)
The URL returning the metadata of your SAML IdP (Identity Provider) in XML.

If your IdP uses SimpleSAMLphp, the URL should be like: http://www.myidp.com/simplesaml/saml2/idp/metadata.php.

If your IdP uses Microsoft Entra ID, you need to enter the App Federation Metadata Url copied from the Azure portal, e.g. https://login.microsoftonline.com/<guid1>/federationmetadata/2007-06/federationmetadata.xml?appid=<guid2>.

If your IdP (e.g. Google Identity Provider) allows you to download the metadata, you can download as a .xml file (e.g. idpmetadata.xml) and host it yourself, the URL should be like: http://www.mycompany.com/my/path/idpmetadata.xml.
SAML SP entity ID
The entity ID of your SAML SP (Service Provider), e.g. my-entity-id

Note that your site is the SAML SP (Service Provider). If your IdP uses SimpleSAMLphp, you must provide information about your service provider (SP) to the IdP in the authsources.php file, see Configuring the SP for details, e.g.

SAML SP X.509 certificate file
The X.509 certificate file of your SAML SP (Service Provider), e.g. saml.crt (relative to the project folder).

Some IdPs may require that your Service Providers holds a certificate.

If your IdP use SimpleSAMLphp, you may need to create a self-signed certificate and private key, you can install OpenSSL for Windows. For example, to create certificate in the "cert" directory, you can open command prompt or PowerShell and enter, e.g.

cd cert
openssl req -newkey rsa:3072 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem

Two files will be created, saml.crt is your X.509 certificate and saml.pem your private key (for use with SAML SP private key file below).

You need to upload them to your site and set up the paths here.

If you enable Verification certificates in Microsoft Entra ID, you need to upload your certificate to Azure. Note that you may also need to enable Allow requests signed with RSA-SHA1 in Azure.

To generate SHA-256 certificate for Azure, you can use, e.g.

openssl req -newkey rsa:3072 -new -x509 -days 3652 -nodes -sha256 -out saml.cer -keyout saml.pem

SAML SP private key file
The private key file of your SAML SP (Service Provider), e.g. saml.pem (relative to the project folder). See SAML SP X.509 certificate file above for details.