...
This cookbook describes how to use the external identity providers available at the eduTEAMS Identity Hub as IdPs in a simpleSAMLphp servcie service provider.
Supported external Identity Providers
eduTEAMS Identity Hub provides metadata for all endpoints it supports . The metadata trough eduGAIN. More information on how to use eduGAIN, can be found at the metadata endpoint of the idhub:
https://idhub.test.eduteams.org/metadata/.
| Identity provider | Description | Metadata endpoint |
|---|---|---|
| This endpoint allows user to log using their Google identity | https://idhub.test.eduteams.org/metadata/Saml2IDP_1.xml | |
| This endpoint allows user to log using their Facebook identity | https://idhub.test.eduteams.org/metadata/Saml2IDP_2.xml | |
here: How to offer a service in eduGAIN
Setup
- Install SSP according to the manual: https://simplesamlphp.org/docs/stable/simplesamlphp-sp
- For step "2 Adding IdPs to the SP", choose the IdPs you want to support at your service. Use the links above to fetch the relevant metadata (note for production service these links will be in eduGAIN)
- Use the "XML to SimpleSAMLphp metadata converter" facility of SimpleSAMLphp to convert XML metadat to php configuation to be added to the
metadata/saml20-idp-remote.phpmetadata file. - To complete step "4 Exchange metadata with the IdP" you cannot send eduTEAMS Identity Hub your metadata. eduTEAMS Identity Hub will Make sure your SP is in eduGAIN.
- Specific entities can be found here: eduTEAMS Identity Hub TEST entities available through eduGAIN
- If you need a way to handle discovery, please have a look at the eduTEAMS Discovery Service