You have configured an STS in your network.
You have activated SAML configuration in your system.
More information: Enabling the SAML Service Provider.
If you want to add the STS manually, that is, without an XML metadata file, you have imported the public key certificates of the STS for encryption and the digital signature of the SAML messages. Import these certificates in the Trust Manager of the SAP NetWeaver Application Server (AS) ABAP. More information: Trust Manager.
If you want to add the STS from a metadata file, you can access the provider's metadata from a secure source. If you are uploading the metadata from a file, we assume that you have received the file from a trusted source. The STS accepts the metadata. However, if the metadata is signed by the STS, the WS provider checks whether the AS ABAP trusts the certificate issuer of the signer. If the AS ABAP does not trust the issuer, the WS provider rejects the metadata.
With this procedure, you specify a Security Token Service (STS) that the WS provider AS ABAP can trust. The WS provider requests identity information from the trusted STS for the applications that it protects.
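An added example (not SAP code) for the metadata prerequisite above: before uploading an STS metadata file, list the certificates it carries with their SHA-256 fingerprints, so they can be compared with values obtained from the STS administrator out of band, and note whether the file carries a top-level signature. The entity ID and certificate bytes in the sample are constructed placeholders, the sample is trimmed, and the script does not validate the signature itself.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed placeholder bytes standing in for DER certificates (not real X.509).
SIGNING_DER = b"constructed-signing-certificate"
ENCRYPTION_DER = b"constructed-encryption-certificate"

def _b64(data):
    return base64.b64encode(data).decode("ascii")

# Constructed, trimmed sample metadata; the entity ID is hypothetical.
SAMPLE_METADATA = f"""<md:EntityDescriptor entityID="https://sts.example.invalid"
    xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}">
  <md:RoleDescriptor>
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        {_b64(SIGNING_DER)}
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{_b64(ENCRYPTION_DER)}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:RoleDescriptor>
</md:EntityDescriptor>"""

def inventory(metadata_xml):
    """Return entity ID, whether a top-level signature exists, and key fingerprints."""
    # Assumes the file came from the trusted source the prerequisite describes.
    root = ET.fromstring(metadata_xml)
    signed = root.find("ds:Signature", NS) is not None
    keys = []
    for kd in root.iter(f"{{{NS['md']}}}KeyDescriptor"):
        # SAML metadata: a KeyDescriptor without "use" applies to both purposes.
        use = kd.get("use", "signing+encryption")
        for cert in kd.iterfind(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            keys.append((use, hashlib.sha256(der).hexdigest()))
    return {"entity_id": root.get("entityID"), "signed": signed, "keys": keys}

if __name__ == "__main__":
    report = inventory(SAMPLE_METADATA)
    print(report["entity_id"], "signed" if report["signed"] else "unsigned")
    for use, fingerprint in report["keys"]:
        print(f"{use:12} sha256={fingerprint}")
```

For unsigned metadata, the fingerprint comparison is the only check on the file's contents, since no issuer trust check is applied to it.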