Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section


Section

Description

This is the initial environment for testing services against the GEANT GÉANT AAI Service to ensure the future connection works correctly.

It is the same environment as Production services with a restricted group of people who can access the service (members of the Sandbox group - go to 1.2.).

In this environment, you can test:

  • The authentication flow while connecting your service using SAML or OIDC protocol
  • Configuration of your new service
  • Processing user's attributes (userID, username, name, email, affiliation) and entitlements (groups the user is part of)



Section

How to become a member of the Sandbox Group

While accessing the service connected to the Test environment for the first time,the user will get a message denying access to the service (unless the user is already a member of the Sandbox group).

As part of this message, there is a registration link for registering into the Sandbox group.

From then on, users will see a warning about the service status on the Consent Page.



Section

Requirements

The required fields in the registration form are less strict for the T esting Testing environment. As you can find here: Required fields for Service Registration (Test environment column)

Only mandatory information for the service connection is needed.

The reason is to be able to test the service even before all requirements are ready.



Section

Ready to go to the Production environment

Your service is ready to be part of the Production environment when:


...

Production environment

Section


Section

Description

Once the service owner is sure that the connection of the service with the GÉANT AAI Service is working as expected, the service owner can request to promote the service to the Production environment.

Access to the service will be then re-configured in the GÉANT AAI Service to allow access to all GÉANT users or a subset of GÉANT users defined by their entitlements. This restriction can be further discussed and configured with a help of the GÉANT support team - help@geant.org

All users accessing the production service have to go through registration to consent to the GÉANT AAI Service Acceptable Use Policy.



Section

Requirements

The requirements for the production service are more strict, and you should be sure that they have all been met before requesting the promotion of the service to the production environment.

Please check these pages: