Versions Compared

Old Version 27

changes.mady.by.user Janne Lauros

Saved on

compared with

New Version 28

changes.mady.by.user Lukas Haemmerle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page describes how to make use of the eduTEAMS Discovery Service for your Service Provider (SP).

Discovery Service Configuration

There are multiple options how an SP can make use of the Discovery Service. The simplest one is to just redirect users to the Discovery Service URL, which we call "central discovery".

Use Central Discovery

For this For the very basic adoption of using the eduTEAMS Discovery Service everything one as central discovery service, everything an SP needs to know is the URL it that the discovery service uses to serve SAML2 IdP discovery requests. On Consult the documentation of the SAML SP product you are using on how to apply Discovery Service URL you should consult the documentation of the product . If you are for example using , in most cases Shibboleth SP documentation  or SimpleSAMLphp documentation. If you want to study the discovery protocol in more details, you may read the Shibboleth SP, consult the Shibboleth documentation or in case of SimpleSAMLphp the SimpleSAMLphp documentation on this topic. Generic information on the SAML2 IdP Discovery Service protocol are available in the Identity Provider Discovery Service Protocol and Profile.

As for Shibboleth, one would use the following URL as discoveryURL in the <SSO> element of the Shibboleth SP main configuration file shibboleth2.xml.

Info
iconfalse
titleeduTEAMS Discovery Service URL

https://discovery.eduteams.org/wayf.php

The disadvantage of using a central discovery service is that users are redirected to another host, which has a different look and feel. Also, some users might be confused that they were sent away from the service they intended to use.

Embedded Discovery

For an improved user experience and usability it is, however, It is recommended to go beyond the basic adoption and take advantage of the IdP filtering features and the embedded discovery. By combining these two features, a SP is able to offer an embedded discovery listing of IdPs relevant to it's user basethat shows only the relevant IdPs for its user base.

Image Added

The eduTEAMS Discovery Service can be seamlessly integrated into a web page of an SP by copy&pasting some HTML/Javascript code. More details on how to use this on the Embedded Discovery feature.

Filtering IdPs

By default the eduTEAMS Discovery Service lists all the eduGAIN IdPs.   An SP may reduce the list by using the Filtering IdPs.

Embedded discovery.

eduTEAMS Discovery Service may be used also as Embedded Discovery feature.