1) Get metadata for school's IdP, if is not already in InCommon. If it is in InCommon metadata, skip step #2 and proceed with step #3.
2) Add the school's metadata to metadata/ccc-metadata-unsigned.xml in the saml-ccc Bitbucket repo.
3) Add a AssertionConsumerService, e.g.
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ci-proxy.ccctcportal.org/simplesaml/module.php/saml/sp/saml2-acs.php/MIS570" index="1"/>
to the the following SP descriptors, Test IdP Proxy "SP side", Pilot IdP Proxy "SP side", Prod IdP Proxy "SP side" in metadata/ccc-metadata-unsigned.xml. Be sure to change the "570" numeric in the example above to match the misCode of the new school or district.
4) Validate the metadata additions using ./validateMetadata.sh.
5) Commit the updated metadata file to Bitbucket. It will be signed, pushed out to S3 and, after within one hour, downloaded to the Proxy IdP deployments.
6) Update authsources.php in the ccc-<env>-proxy-simplesaml-config/opt/ccc/config to include the new school. This will again trigger an automated update to the appropriate environment's IdP proxy.
Upon completion of the steps above, after propagation of the updates (approximately one hour), testing of the new school with the IdP proxy can commence.