diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
index 66cd58e4f..b4cc693b6 100644
--- a/lib/Controller/SAMLController.php
+++ b/lib/Controller/SAMLController.php
@@ -288,7 +288,6 @@ public function login(int $idp = 1): Http\RedirectResponse|Http\TemplateResponse
 	 */
 	#[PublicPage]
 	#[NoCSRFRequired]
-	#[OnlyUnauthenticatedUsers]
 	public function getMetadata(int $idp = 1): Http\DataDownloadResponse {
 		$settings = new Settings($this->samlSettings->getOneLoginSettingsArray($idp));
 		$metadata = $settings->getSPMetadata();
@@ -305,8 +304,6 @@ public function getMetadata(int $idp = 1): Http\DataDownloadResponse {
 
 	/**
 	 * @NoSameSiteCookieRequired
-	 *
-	 * @return Http\RedirectResponse
 	 * @throws Error
 	 * @throws ValidationError
 	 */
diff --git a/src/components/ProviderSettingsDialog.vue b/src/components/ProviderSettingsDialog.vue
index b4da3eb8e..72a268b4c 100644
--- a/src/components/ProviderSettingsDialog.vue
+++ b/src/components/ProviderSettingsDialog.vue
@@ -445,9 +445,11 @@ function onOpenChanged(open: boolean): void {
  */
 async function testMetaData(): Promise<void> {
 	try {
-		await axios.get(generateUrl(`/apps/user_saml/saml/metadata?idp=${props.provider.id}`))
-		metadataValid.value = true
-	} catch {
+		const { data, headers } = await axios.get(generateUrl(`/apps/user_saml/saml/metadata?idp=${props.provider.id}`))
+		const parser = new DOMParser()
+		const xml = parser.parseFromString(data, "application/xml")
+		metadataValid.value = headers["content-type"] === 'text/xml;charset=UTF-8' && xml.documentElement.localName === 'EntityDescriptor'
+	} catch (e) {
 		metadataValid.value = false
 	}
 }