Introduction
This cookbook describes how to use the external identity providers available at the eduTEAMS Identity Hub as IdPs in a SimpleSAMLphp service provider.
Supported external Identity Providers
eduTEAMS Identity Hub provides metadata for all endpoints it supports. The metadata can be found at the metadata endpoint of the idhub:
https://idhub.test.eduteams.org/metadata/.
Identity provider | Description | Metadata endpoint |
---|---|---|
Google | This endpoint allows users to log in using their Google identity | https://idhub.test.eduteams.org/metadata/Saml2IDP_1.xml |
Facebook | This endpoint allows users to log in using their Facebook identity | https://idhub.test.eduteams.org/metadata/Saml2IDP_2.xml |
Setup
- Install SSP according to the manual: https://simplesamlphp.org/docs/stable/simplesamlphp-sp
- For step "2 Adding IdPs to the SP", choose the IdPs you want to support at your service. Use the links above to fetch the relevant metadata (note: for a production service these links will be in eduGAIN).
- Use the "XML to SimpleSAMLphp metadata converter" facility of SimpleSAMLphp to convert the XML metadata to PHP configuration to be added to the metadata/saml20-idp-remote.php metadata file.
- To complete step "4 Exchange metadata with the IdP" you cannot send eduTEAMS Identity Hub your metadata. eduTEAMS Identity Hub will Make sure your SP is in eduGAIN.