...
- The solution must support a standardised implementation of the SAML WebSSO profile: http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf. Compliance with SAML2Int is preferredrecommended: https://kantarainitiative.github.io/SAMLprofiles/saml2int.html.
- The solution must support eduPerson for handling user attributes: https://wiki.refeds.org/display/STAN/eduPerson.
- The solution must support mulitlateral federation and the ability to support login from multiple organisations / domains via eduGAIN: https://edugain.org/.
- The solution must make its Service Provider (SP) metadata available in xml format as either a url (preferred) or xml file.
- The solution must implement signing of metadata via an X.509 certificate.
*Note we have not used RFC2119 language in this list as this could be confusing if such language is not used throughout the RFQ. If you do use such notation - these requirements can be annotated as MUST and RECOMMENDED.