Scenario
An operator team already has one provider path working and now needs a repeatable day-2 rollout for metadata review, certificate lifecycle, diagnostics, and auditability across production environments.
Exact wiring and config
- Start from one verified first-class provider path or an intentionally labeled
custom/generic SAMLintegration - Review metadata and trust-anchor handling before enabling scheduled refresh
- Track certificate lifecycle as an operator-owned process, not an invisible background detail
- Keep diagnostic bundle generation and audit review in the production support workflow
Relyra owns
- Metadata trust-boundary enforcement and typed refresh outcomes
- Certificate lifecycle seams and audit evidence produced by the library
- Diagnostic export and redaction behavior inside the library-owned boundary
Host owns
- Release workflow, deployment timing, and incident response policy
- Storage, review, and routing of diagnostics and audit evidence
- Application-specific operational controls outside the Relyra contract
Failure and recovery
- Failure: metadata is refreshed without understanding the trust boundary Recovery: pause automatic changes and review trust-anchor, certificate, and audit evidence before re-enabling the path
- Failure: certificate rotation lands without operator review Recovery: use the library's lifecycle and audit surfaces to re-stage and verify the new material
- Failure: diagnostics expose more scope than the host wants to share Recovery: rely on the bounded diagnostic surfaces and verify the exported evidence set before external sharing
Evidence
- Metadata review artifacts and operator sign-off
- Certificate lifecycle receipts tied to the host rollout process
- Diagnostic and audit outputs used during support and recovery
- Explicit scope notes showing whether the provider path is one of the three
first-class presets or a
custom/generic SAMLintegration