...
Please send the following information to aai-is@listshelp@geant.geant.org:
Information | Description |
---|
entityID | The SAML entityID must be a URL using the HTTPS scheme. See https://github.com/REFEDS/MRPS/blob/v1/mrps.md#52-entityid-format and https://spaces.at.internet2.edu/display/InCFederation/Entity+IDs (which has recently moved to https://spaces.at.internet2.edu/display/federation/Entity+ID) |
SAML Metadata | A URL to the XML metadata (preferred), or an XML metadata file. This file/URL should be valid SAML metadata containing at least the following elements: "contacts", with one technical contact (for dealing with authentication/security/privacy issues) and one support contact (for generic application support questions); "name", a very short name to be shown in user interfaces, for instance "GÉANT Intranet"; an X.509 certificate for signing requests |
Service description | Longer descriptive text with at least: the purpose of the service; its intended audience; its status (production, testing, etc.); the date it went into production; the software it runs |
Service URL | The actual URL to the main service, for instance https://intranet.geant.org. |
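
As an added example (not part of the original page, and not GÉANT's own tooling), the following Python function checks a metadata document against the entityID and SAML Metadata rows of the table above before it is submitted. The sample metadata and the `sp.example.org` names are constructed, and reading the page's "name" as `mdui:DisplayName` or `md:ServiceName` is an assumption.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#",
      "mdui": "urn:oasis:names:tc:SAML:metadata:ui"}

# Constructed sample: placeholder certificate body, and no support contact on purpose.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"
    entityID="https://sp.example.org/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions><mdui:UIInfo>
      <mdui:DisplayName xml:lang="en">Example Intranet</mdui:DisplayName>
    </mdui:UIInfo></md:Extensions>
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER-NOT-A-REAL-CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:SPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:EmailAddress>mailto:tech@example.org</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>"""

def check_metadata(xml_text):
    """Return a list of problems; an empty list means the checklist passes."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        return ["root element is not md:EntityDescriptor"]
    problems = []
    eid = urlsplit(root.get("entityID", ""))
    if eid.scheme != "https" or not eid.netloc:
        problems.append("entityID is not an https URL")
    types = {c.get("contactType") for c in root.findall("md:ContactPerson", NS)}
    for needed in ("technical", "support"):
        if needed not in types:
            problems.append(f"missing {needed} contact")
    # Assumption: the page's "name" is mdui:DisplayName or md:ServiceName.
    names = root.findall(".//mdui:DisplayName", NS) + root.findall(".//md:ServiceName", NS)
    if not any((n.text or "").strip() for n in names):
        problems.append("missing short display name")
    # A KeyDescriptor without a "use" attribute is valid for signing too.
    certs = [c for kd in root.findall(".//md:KeyDescriptor", NS)
             if kd.get("use") in (None, "signing")
             for c in kd.findall(".//ds:X509Certificate", NS) if (c.text or "").strip()]
    if not certs:
        problems.append("missing X.509 signing certificate")
    return problems

print(check_metadata(SAMPLE))
```

The check covers presence only: it does not parse the certificate, validate against the SAML metadata schema, or verify a metadata signature.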
...
SAML attribute | example value | remarks |
---|
uid | federated-user-1234 | Unique user ID, always available. |
mail | user@domain | Defaults to the string 'invalid_email_needs_updating' if none was provided by the upstream IdP |
displayName | Robert Wagner | Defaults to the string 'first_name last_name' or similar if they aren't provided by the upstream IdP |
isMemberOf | | Multivalued attribute listing the CAMS group memberships. |
Our endpoint
EntityID | https://login.terena.org/ |
spmodule.phpsamlsp//default-sp signing certificatesign.crt
Service monitoring
At some stage there will be some monitoring set up, to help ensure the service conforms to basic requirements. The monitored items are expected to include:
...