Accessing the service 

Your FaaS toolbox will be available on the server name that you have chosen on requesting the service. Due to security reasons the service is only available via HTTPS.

User guide

This guide is aimed to assist Federation Operators to use Resource registry tool. Guide is available at FaaS_user_guide.


Generated Metadata aggregates

Every FaaS toolbox produces three SAML Metadata documents, signed with XMLdsig using the HSM-protected private key:

These files are available at the URL https://$FQDN/md/$FILENAME where $FQDN is the web server name chosen for the instance, and$FILENAME is the file name as explained above.

(Re-)Publishing Metadata

The FaaS infrastructure is not run with special precautions to provide High Availability. The availability of FaaS system is designed according to its purpose as a "management" tool that only needs to be available when someone intends to make changes to entities in a federation and to pick up changes from eduGAIN (once a day). In order to avoid a run-time dependency on the availability of the FaaS toolbox for the whole federation, we strongly advise to regulary download those metadata files to some other server in your competence (e.g. with cron and wget or curl) and publish and promote usage of those URLs instead, for consumption by federation members and eduGAIN. (You can also freely chose different file names for these SAML Metadata documents.)

All SAML Metadata documents published by your federation require verification of the cryptographic signature (XMLDsig) on that metadata against this Metadata Signing Key which you need to safely distribute to your federation members. Trust in any information contained in SAML Metadata published by your federation should only be derived from a valid signature with that key, not based on the URL the metadata is downloaded from.

 Based on the previous, you should:

Note: Joining eduGAIN is not in jurisdiction of FaaS service and for all eduGAIN related matter you shoud refer to offical eduGAIN web site.