In the 'Assertion Content' tab for a Hosted Service Provider it is possible to remove all NameID Formats from the list. When you save the empty list, the configuration is correctly updated and can be seen by accessing the entity metadata.
However, on refreshing the page all the Name ID formats are visible in the admin UI. Note that the metadata (and hence config) isn't changed - unless you click Save. At which point all the NameId Formats are re-added to the config.
These 'ghost' entries only appear when all entries had been removed.
- Create hosted SP
- Remove all NameIDFormats, click save.
- Consider the metadata for the entity - it correctly reflects the config
- Refresh page
- Observe that the NameIDFormat list is fully populated
- Note that the metadata is still devoid of the NameIds
Remember to clear the NameIDFormat list each time you load the Entity defintion, before saving