1) Get metadata for school's IdP, if is not already in InCommon. If it is in InCommon metadata, skip step #2 and proceed with step #3.
2) Add the school's metadata to metadata/ccc-metadata-unsigned.xml in the saml-ccc Bitbucket repo.
2.1) Run validateMetadata.sh to check for mistakes. If the validation passes, commit and push the change. Build automation will sign the file and push to the correct S3 location
3) Add a AssertionConsumerService, e.g.
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sso.ci.cccmypath.org/simplesaml/module.php/saml/sp/saml2-acs.php/PilotMock" index="0"/>
to the the following SP descriptors, Test IdP Proxy "SP side", Pilot IdP Proxy "SP side", Prod IdP Proxy "SP side" in metadata/ccc-metadata-unsigned.xml. Be sure to change the "570" numeric in the example above to match the misCode of the new school or district. Each new entry should increment the index value
4) Validate the metadata additions using ./validateMetadata.sh.
5) Commit the updated metadata file to Bitbucket. It will be signed, pushed out to S3 and, after within one hour, downloaded to the Proxy IdP deployments.
6) Update authsources.php in the ccc-<env>-proxy-simplesaml-config/opt/ccc/config to include the new school. This will again trigger an automated update to the appropriate environment's IdP proxy.
7) Once testing in Pilot has been verified, Step #6 will need to be made for the Production environment.
Upon completion of the steps above, after propagation of the updates (approximately one hour), testing of the new school with the IdP proxy can commence.