This is the placeholder for the LSAAI Stepup pilot

Requirements

https://docs.google.com/document/d/11OvKGnnWehqm9JNeWgYnJA5bc2seg6QdwOYHI2NRpiQ/edit?usp=sharing

Expected Flow

First Factor IdP <-> SaToSa <-> Stepup GW <-> Stepup Portal

• SaToSa <-> Stepup GW needs both persistent SAML NameID AND ePTID
• Stepup GW <-> Stepup Portal ONLY needs persistent SAML NameID
• Stepup WG expects ePTID, CN, mail, persistent SAML NameID,  SHO and persistent SAML NameID and ePTID must have the same value
• SaToSa must deliver the persistent SAML NameID AND ePTID containing the community identifier

Pilot platform setup and components

• Configuration repo for the pilot platform: https://dev.niif.hu/vopaas/stepup-config-dev-mfa-eduteams-org
• VM for stepup: dev.mfa.eduteams.org (from: deploy.test.eduteams.org, ssh -A centos@dev.mfa.eduteams.org)
• Deployment is don from deploy.test.eduteams.org:/home/debian/stepup-pilot/stepup-config-dev-mfa-eduteams-org using the default methods provided by stepup components (https://github.com/OpenConext/Stepup-Deploy)

Selfregister Portal

https://selfservice.dev.mfa.eduteams.org

Note: in the pilot environment now only Yubikey is configured as potential second factor tool.

RA

https://ra.dev.mfa.eduteams.org

If you want to add new

TBC (sitya)