GSA
diff --git a/‎config/login.production.idp.xml
Lines changed: 65 additions & 61 deletions b/‎config/login.production.idp.xml
Lines changed: 65 additions & 61 deletions
@@ -1,64 +1,68 @@
-<EntityDescriptor ID="_0b686e17-e107-46b3-8805-818c1a9c13e8"
-  xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
-  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
-  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://secure.login.gov/api/saml">
-  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-    <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
-      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod>
-      <ds:Reference URI="#_0b686e17-e107-46b3-8805-818c1a9c13e8">
-        <ds:Transforms>
-          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
-          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
-        </ds:Transforms>
-        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
-        <ds:DigestValue>l+OCdxgpedzbGSgDy4fuzX06U4blZgXguhvRTnJxlPk=</ds:DigestValue>
-      </ds:Reference>
-    </ds:SignedInfo>
-    <ds:SignatureValue>ZmC9igThbTZesR79Ol10L2pG/lVxE/xiuAwo1eGheLSLXeQepkedboC9aQPCN6Xs+qKth317MbO4xw8W8rfV+KL89xOeQQVTm2VtK3Q/v2pjrnNEaHmy1mAVdosUMMe0oa+3nepUON6ul28L2Tt382CGaiMP1ON7q9ChaqqZNIw4CO+X3oiYiLs5RntlXSxGt1xQEpb4LU/kW7kwl2vnywnO1p6dtoYIEUrIfLzTtMTPBzMK+oGpKl0BVszNPViqM6QJtq6Ody4N4H5JEOfIlfCbG/cosyGesZ0BRRE1ZUXYWV89c6l7qvWvB8+4D0C6nGtRbgV71cYfl30npD1AYA==</ds:SignatureValue>
-    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-      <ds:X509Data>
-        <ds:X509Certificate>MIIDzzCCAregAwIBAgIUBedAGri4qfIqwYynVBmUJ598viAwDQYJKoZIhvcNAQELBQAwdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MB4XDTI0MDExNjIwMTE1MloXDTI1MDQwMTIwMTE1MlowdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhtUVOX/nhTLLAb3dc2AMuPfUN8TtqxCaXGdwdDbY76nL1oTkrk3zns95OlC0+gg8EhuRpxii6snxa/JDZPHQuAGWBS5KWcD/pNxP7TIghrqPtPGPuK2EM3tduYObN3VEMhpfAGtP+wQQ/n16i4wbTeRHm4O5T8vWTUeZqxP/l9ja/txexv+LLmeR+zI9k51OfwWzr25HW1j6AkRTB/BQgt9Z29h7QNiGUiYQNBgXf3E03oOo8UCl7JXRLxygaBT67nOrFK9gxxs4nHVfhbrnA8VoUm+CrDczP46nAnXKk0HoQWFOlJDKNowbm3fHGt8CkLJBOszI+Hz0b7nQ8sFRQIDAQABo1MwUTAdBgNVHQ4EFgQUon3wLMwFr2s3AdO9u2vcGnhoH5wwHwYDVR0jBBgwFoAUon3wLMwFr2s3AdO9u2vcGnhoH5wwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAp6N3nT6GNkjMiEfsvwp66QDF2Fbjaelh6eRMf/QUwEttWawRB9IMnBzL0EOxZQ8jm3V1n8mev7fFJbP/bDnqsnhag+0cPGtQjVl5ZAImjmfIu0gvOrvZqoiAKi6WHDD8UAd/XNr4Eui9DHRKx9QBABajDwyfgWBE7phc5zosEyxep8n+pytxcWDAbR2kzKVac1+mXPwXSLN4ORh7TI9kzipojBlQWMG0Hx+VU+FjX5+pMqIpME5KAhj1yZdDk7/ji4apPwsrQ5BBXQd9w1T7I7ONK0+uVCGgJDDBnmA7HfoJjG4LL9lBgb1U/adQMcTTfASiTYMiQCZX/hZNyfUF1g==</ds:X509Certificate>
-      </ds:X509Data>
-    </KeyInfo>
-  </ds:Signature>
-  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <KeyDescriptor use="signing">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIDzzCCAregAwIBAgIUBedAGri4qfIqwYynVBmUJ598viAwDQYJKoZIhvcNAQELBQAwdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MB4XDTI0MDExNjIwMTE1MloXDTI1MDQwMTIwMTE1MlowdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhtUVOX/nhTLLAb3dc2AMuPfUN8TtqxCaXGdwdDbY76nL1oTkrk3zns95OlC0+gg8EhuRpxii6snxa/JDZPHQuAGWBS5KWcD/pNxP7TIghrqPtPGPuK2EM3tduYObN3VEMhpfAGtP+wQQ/n16i4wbTeRHm4O5T8vWTUeZqxP/l9ja/txexv+LLmeR+zI9k51OfwWzr25HW1j6AkRTB/BQgt9Z29h7QNiGUiYQNBgXf3E03oOo8UCl7JXRLxygaBT67nOrFK9gxxs4nHVfhbrnA8VoUm+CrDczP46nAnXKk0HoQWFOlJDKNowbm3fHGt8CkLJBOszI+Hz0b7nQ8sFRQIDAQABo1MwUTAdBgNVHQ4EFgQUon3wLMwFr2s3AdO9u2vcGnhoH5wwHwYDVR0jBBgwFoAUon3wLMwFr2s3AdO9u2vcGnhoH5wwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAp6N3nT6GNkjMiEfsvwp66QDF2Fbjaelh6eRMf/QUwEttWawRB9IMnBzL0EOxZQ8jm3V1n8mev7fFJbP/bDnqsnhag+0cPGtQjVl5ZAImjmfIu0gvOrvZqoiAKi6WHDD8UAd/XNr4Eui9DHRKx9QBABajDwyfgWBE7phc5zosEyxep8n+pytxcWDAbR2kzKVac1+mXPwXSLN4ORh7TI9kzipojBlQWMG0Hx+VU+FjX5+pMqIpME5KAhj1yZdDk7/ji4apPwsrQ5BBXQd9w1T7I7ONK0+uVCGgJDDBnmA7HfoJjG4LL9lBgb1U/adQMcTTfASiTYMiQCZX/hZNyfUF1g==</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://secure.login.gov/api/saml/auth2024"/>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://secure.login.gov/api/saml/auth2024"/>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=""/>
-    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location=""/>
-  </IDPSSODescriptor>
-  <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
-    <KeyDescriptor use="signing">
-      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
-        <X509Data>
-          <X509Certificate>MIIDzzCCAregAwIBAgIUBedAGri4qfIqwYynVBmUJ598viAwDQYJKoZIhvcNAQELBQAwdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MB4XDTI0MDExNjIwMTE1MloXDTI1MDQwMTIwMTE1MlowdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhtUVOX/nhTLLAb3dc2AMuPfUN8TtqxCaXGdwdDbY76nL1oTkrk3zns95OlC0+gg8EhuRpxii6snxa/JDZPHQuAGWBS5KWcD/pNxP7TIghrqPtPGPuK2EM3tduYObN3VEMhpfAGtP+wQQ/n16i4wbTeRHm4O5T8vWTUeZqxP/l9ja/txexv+LLmeR+zI9k51OfwWzr25HW1j6AkRTB/BQgt9Z29h7QNiGUiYQNBgXf3E03oOo8UCl7JXRLxygaBT67nOrFK9gxxs4nHVfhbrnA8VoUm+CrDczP46nAnXKk0HoQWFOlJDKNowbm3fHGt8CkLJBOszI+Hz0b7nQ8sFRQIDAQABo1MwUTAdBgNVHQ4EFgQUon3wLMwFr2s3AdO9u2vcGnhoH5wwHwYDVR0jBBgwFoAUon3wLMwFr2s3AdO9u2vcGnhoH5wwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAp6N3nT6GNkjMiEfsvwp66QDF2Fbjaelh6eRMf/QUwEttWawRB9IMnBzL0EOxZQ8jm3V1n8mev7fFJbP/bDnqsnhag+0cPGtQjVl5ZAImjmfIu0gvOrvZqoiAKi6WHDD8UAd/XNr4Eui9DHRKx9QBABajDwyfgWBE7phc5zosEyxep8n+pytxcWDAbR2kzKVac1+mXPwXSLN4ORh7TI9kzipojBlQWMG0Hx+VU+FjX5+pMqIpME5KAhj1yZdDk7/ji4apPwsrQ5BBXQd9w1T7I7ONK0+uVCGgJDDBnmA7HfoJjG4LL9lBgb1U/adQMcTTfASiTYMiQCZX/hZNyfUF1g==</X509Certificate>
-        </X509Data>
-      </KeyInfo>
-    </KeyDescriptor>
+<EntityDescriptor ID="_540a0f2a-f61c-4044-837d-41e78ab3a7dc"
+    xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://secure.login.gov/api/saml">
+    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
+            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod>
+            <ds:Reference URI="#_540a0f2a-f61c-4044-837d-41e78ab3a7dc">
+                <ds:Transforms>
+                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
+                </ds:Transforms>
+                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
+                <ds:DigestValue>ghDI2pGH30fiivEpfkCg4mukBt1rOjfPBnpQyarUhbw=</ds:DigestValue>
+            </ds:Reference>
+        </ds:SignedInfo>
+        <ds:SignatureValue>
+            dZQWK08pRw0S2DCCC2RbwKuVkMsp9bY8kengSJN10nZFEHP5hMleCQg3Ue7A/kNuKKBsbrndqjTuk/wR5KqKoaoW8TPqRzKNFVUhdtY6lPZe2dIWeiRBhNpJlve2xvvFpoW5XEYRqGqPuhaHNxg4ZFBCN44Txmh0Jm3fnwLn7N8OTgXXL3CxCYHqi9ujuEfPzdPA7yMkuFNiv1dCWOQZqqVNV1Lns2NvlNOFZex9S6m+v1d7TNFjquFpDdBcmyII9rjOQhHC7svdIsqievSiPnHSpZrPwLY7LjMR3S/ENEm5Z51JSHj3xSkmWExUOFtqF9MD5pAV9PHQu4SM95qohg==</ds:SignatureValue>
+        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <ds:X509Data>
+                <ds:X509Certificate>
+                    MIIDzzCCAregAwIBAgIUBuxTXQhYd7UzOhO11pnNri8E5zswDQYJKoZIhvcNAQELBQAwdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MB4XDTI1MDExMzIwMDEzM1oXDTI2MDQwMTIwMDEzM1owdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1mNLPlOoszuVQhW0yJKNWI7XEg776vmeaRrzGMLmenaV2tXanozBxoehNmwC7egpSCoq5PfnzQGRhZqGAsbi1FVqLmEgOlEMgKGHQ3oOoeNf7wmouOsjLIFu76nGIbXAknnmgveki6tfU1czpgpOwoOb6JLk6VMOaA1x7eBVfoZlPg9jjM9KpyYVB7l8kmEzk6SUEP6LUXfcfSb97K5XTw06V/L2hyTBR2CMCKC1iuA9O/DReVRYSkt1IZwpzW5nTGkzyboH3crjKCpHlVOCoJFcQwnxaTrFNv7rXbnmwqsypWk9LCLQeqmlfnwlXWFGU17hBHIqvsS6Yo3y3JVBQIDAQABo1MwUTAdBgNVHQ4EFgQUyT7sOy64K5nT+cct7JHQF0gMN4cwHwYDVR0jBBgwFoAUyT7sOy64K5nT+cct7JHQF0gMN4cwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEALfe6JZuKCQSdV75bDhHecnLmqLhhhYoHVoDhqWpA1vX7fyz20Qp0pFog+G65RZGnaBWNxCJB4s7/E7RjVNC0RAUR3Vojd6nD8kOPHXDR4IamURTfIAaEnNFNFPGMgR6iQEptHyjs+d0gubKUyqvKQR6WibQsgzSo6d2IsYFFAzlhQeCm3XeK31z97k9q9mUm1AM2mlhs4qTBWnBE1xeDOuG05FS/fTLQWujprrQXbEq40jrBfVKmLSCxq2SheCvbFvvY60cXYC4VSjdWHaFuIJVeNAlKugMsDxigJzlU7IgF2dI/vHtS8H6Job/ZLfgJGSqarlSYFHq3B4IjMqigTQ==</ds:X509Certificate>
+            </ds:X509Data>
+        </KeyInfo>
+    </ds:Signature>
+    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <KeyDescriptor use="signing">
+            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+                <X509Data>
+                    <X509Certificate>
+                        MIIDzzCCAregAwIBAgIUBuxTXQhYd7UzOhO11pnNri8E5zswDQYJKoZIhvcNAQELBQAwdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MB4XDTI1MDExMzIwMDEzM1oXDTI2MDQwMTIwMDEzM1owdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1mNLPlOoszuVQhW0yJKNWI7XEg776vmeaRrzGMLmenaV2tXanozBxoehNmwC7egpSCoq5PfnzQGRhZqGAsbi1FVqLmEgOlEMgKGHQ3oOoeNf7wmouOsjLIFu76nGIbXAknnmgveki6tfU1czpgpOwoOb6JLk6VMOaA1x7eBVfoZlPg9jjM9KpyYVB7l8kmEzk6SUEP6LUXfcfSb97K5XTw06V/L2hyTBR2CMCKC1iuA9O/DReVRYSkt1IZwpzW5nTGkzyboH3crjKCpHlVOCoJFcQwnxaTrFNv7rXbnmwqsypWk9LCLQeqmlfnwlXWFGU17hBHIqvsS6Yo3y3JVBQIDAQABo1MwUTAdBgNVHQ4EFgQUyT7sOy64K5nT+cct7JHQF0gMN4cwHwYDVR0jBBgwFoAUyT7sOy64K5nT+cct7JHQF0gMN4cwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEALfe6JZuKCQSdV75bDhHecnLmqLhhhYoHVoDhqWpA1vX7fyz20Qp0pFog+G65RZGnaBWNxCJB4s7/E7RjVNC0RAUR3Vojd6nD8kOPHXDR4IamURTfIAaEnNFNFPGMgR6iQEptHyjs+d0gubKUyqvKQR6WibQsgzSo6d2IsYFFAzlhQeCm3XeK31z97k9q9mUm1AM2mlhs4qTBWnBE1xeDOuG05FS/fTLQWujprrQXbEq40jrBfVKmLSCxq2SheCvbFvvY60cXYC4VSjdWHaFuIJVeNAlKugMsDxigJzlU7IgF2dI/vHtS8H6Job/ZLfgJGSqarlSYFHq3B4IjMqigTQ==</X509Certificate>
+                </X509Data>
+            </KeyInfo>
+        </KeyDescriptor>
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+            Location="https://secure.login.gov/api/saml/auth2025" />
+        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+            Location="https://secure.login.gov/api/saml/auth2025" />
+    </IDPSSODescriptor>
+    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <KeyDescriptor use="signing">
+            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+                <X509Data>
+                    <X509Certificate>
+                        MIIDzzCCAregAwIBAgIUBuxTXQhYd7UzOhO11pnNri8E5zswDQYJKoZIhvcNAQELBQAwdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MB4XDTI1MDExMzIwMDEzM1oXDTI2MDQwMTIwMDEzM1owdzELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IG9mIENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMQwwCgYDVQQKDANHU0ExEjAQBgNVBAsMCUxvZ2luLmdvdjESMBAGA1UEAwwJbG9naW4uZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1mNLPlOoszuVQhW0yJKNWI7XEg776vmeaRrzGMLmenaV2tXanozBxoehNmwC7egpSCoq5PfnzQGRhZqGAsbi1FVqLmEgOlEMgKGHQ3oOoeNf7wmouOsjLIFu76nGIbXAknnmgveki6tfU1czpgpOwoOb6JLk6VMOaA1x7eBVfoZlPg9jjM9KpyYVB7l8kmEzk6SUEP6LUXfcfSb97K5XTw06V/L2hyTBR2CMCKC1iuA9O/DReVRYSkt1IZwpzW5nTGkzyboH3crjKCpHlVOCoJFcQwnxaTrFNv7rXbnmwqsypWk9LCLQeqmlfnwlXWFGU17hBHIqvsS6Yo3y3JVBQIDAQABo1MwUTAdBgNVHQ4EFgQUyT7sOy64K5nT+cct7JHQF0gMN4cwHwYDVR0jBBgwFoAUyT7sOy64K5nT+cct7JHQF0gMN4cwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEALfe6JZuKCQSdV75bDhHecnLmqLhhhYoHVoDhqWpA1vX7fyz20Qp0pFog+G65RZGnaBWNxCJB4s7/E7RjVNC0RAUR3Vojd6nD8kOPHXDR4IamURTfIAaEnNFNFPGMgR6iQEptHyjs+d0gubKUyqvKQR6WibQsgzSo6d2IsYFFAzlhQeCm3XeK31z97k9q9mUm1AM2mlhs4qTBWnBE1xeDOuG05FS/fTLQWujprrQXbEq40jrBfVKmLSCxq2SheCvbFvvY60cXYC4VSjdWHaFuIJVeNAlKugMsDxigJzlU7IgF2dI/vHtS8H6Job/ZLfgJGSqarlSYFHq3B4IjMqigTQ==</X509Certificate>
+                </X509Data>
+            </KeyInfo>
+        </KeyDescriptor>
+        <Organization>
+            <OrganizationName xml:lang="en">login.gov</OrganizationName>
+            <OrganizationDisplayName xml:lang="en">login.gov</OrganizationDisplayName>
+            <OrganizationURL xml:lang="en">https://login.gov</OrganizationURL>
+        </Organization>
+        <ContactPerson contactType="technical"></ContactPerson>
+        <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+            Location="https://secure.login.gov/api/saml/attributes" />
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+        <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+    </AttributeAuthorityDescriptor>
     <Organization>
-      <OrganizationName xml:lang="en">login.gov</OrganizationName>
-      <OrganizationDisplayName xml:lang="en">login.gov</OrganizationDisplayName>
-      <OrganizationURL xml:lang="en">https://login.gov</OrganizationURL>
+        <OrganizationName xml:lang="en">login.gov</OrganizationName>
+        <OrganizationDisplayName xml:lang="en">login.gov</OrganizationDisplayName>
+        <OrganizationURL xml:lang="en">https://login.gov</OrganizationURL>
     </Organization>
     <ContactPerson contactType="technical"></ContactPerson>
-    <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://secure.login.gov/api/saml/attributes"/>
-    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
-    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
-  </AttributeAuthorityDescriptor>
-  <Organization>
-    <OrganizationName xml:lang="en">login.gov</OrganizationName>
-    <OrganizationDisplayName xml:lang="en">login.gov</OrganizationDisplayName>
-    <OrganizationURL xml:lang="en">https://login.gov</OrganizationURL>
-  </Organization>
-  <ContactPerson contactType="technical"></ContactPerson>
-</EntityDescriptor>
+</EntityDescriptor>