diff --git a/www/admin/metadata.php b/www/admin/metadata.php
new file mode 100644
index 0000000000000000000000000000000000000000..2ddc42b521bed685044b6e9c31b08c8a74a64fb3
--- /dev/null
+++ b/www/admin/metadata.php
@@ -0,0 +1,105 @@
+<?php
+
+require_once('../../_include.php');
+
+require_once('SimpleSAML/Utilities.php');
+require_once('SimpleSAML/Session.php');
+require_once('SimpleSAML/XML/MetaDataStore.php');
+require_once('SimpleSAML/XHTML/Template.php');
+
+/* Load simpleSAMLphp, configuration and metadata */
+$config = SimpleSAML_Configuration::getInstance();
+$metadata = new SimpleSAML_XML_MetaDataStore($config);
+$session = SimpleSAML_Session::getInstance();
+
+try {
+
+	$idpmeta = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrent('saml20-idp-hosted');
+	$idpentityid = isset($_GET['idpentityid']) ? $_GET['idpentityid'] : $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
+	
+	$publiccert = $config->getBaseDir() . '/cert/' . $idpmeta['certificate'];
+
+	if (!file_exists($publiccert)) 
+		throw new Exception('Could not find certificate [' . $publiccert . '] to attach to the authentication resposne');
+	
+	$cert = file_get_contents($publiccert);
+	$data = XMLSecurityDSig::get509XCert($cert, true);
+	
+	
+	
+	
+	$metaxml = '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+	<EntityDescriptor xmlns:xsi="https://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ entityID="' . $idpentityid . '">
+    <IDPSSODescriptor
+        WantAuthnRequestsSigned="false"
+        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        
+                <KeyDescriptor use="signing">
+                        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+                          <ds:X509Data>
+                                <ds:X509Certificate>' . $data . '</ds:X509Certificate>
+                        </ds:X509Data>
+                  </ds:KeyInfo>
+                </KeyDescriptor>  
+        
+
+        
+        <!-- Logout endpoints -->
+        <SingleLogoutService
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+            Location="' . $metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted') . '"
+            ResponseLocation="' . $metadata->getGenerated('SingleLogoutService', 'saml20-idp-hosted') . '" 
+            index="0" 
+            isDefault="true"
+            />
+
+        
+        <!-- Supported Name Identifier Formats -->
+        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+        
+        <!-- AuthenticationRequest Consumer endpoint -->
+        <SingleSignOnService
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+            Location="' . $metadata->getGenerated('SingleSignOnService', 'saml20-idp-hosted') . '" 
+            index="0" 
+            isDefault="true"
+            />
+        
+    </IDPSSODescriptor>
+</EntityDescriptor>';
+	
+	
+	if ($_GET['output'] == 'xml') {
+		header('Content-Type: application/xml');
+		
+		echo $metaxml;
+		exit(0);
+	}
+
+
+	$defaultidp = $config->getValue('default-saml20-idp');
+	
+	$et = new SimpleSAML_XHTML_Template($config, 'metadata.php');
+	
+
+	$et->data['header'] = 'SAML 2.0 IdP Metadata';
+	$et->data['metaurl'] = SimpleSAML_Utilities::addURLparameter(SimpleSAML_Utilities::selfURLNoQuery(), 'output=xml');
+	$et->data['metadata'] = htmlentities($metaxml);
+	$et->data['feide'] = in_array($defaultidp, array('sam.feide.no', 'max.feide.no'));
+	$et->data['defaultidp'] = $defaultidp;
+	
+	$et->show();
+	
+} catch(Exception $exception) {
+	
+	$et = new SimpleSAML_XHTML_Template($config, 'error.php');
+
+	$et->data['message'] = 'Some error occured when trying to generate metadata.';	
+	$et->data['e'] = $exception;
+	
+	$et->show();
+
+}
+
+?>
\ No newline at end of file