Introduction

This cookbook describes how to use the external identity providers available at the eduTEAMS Identity Hub as IdPs in a simpleSAMLphp service provider.

Supported external Identity Providers

eduTEAMS Identity Hub provides metadata for all endpoints it supports trough eduGAIN. More information on how to use eduGAIN, can be found here: How to offer a service in eduGAIN

Setup

  1. Install SSP according to the manual: https://simplesamlphp.org/docs/stable/simplesamlphp-sp
  2. For step "2 Adding IdPs to the SP", choose the IdPs you want to support at your service. Use the links above to fetch the relevant metadata (note for production service these links will be in eduGAIN)
  3. Use the "XML to SimpleSAMLphp metadata converter" facility of SimpleSAMLphp to convert XML metadat to php configuation to be added to the metadata/saml20-idp-remote.php metadata file.
  4. To complete step "4 Exchange metadata with the IdP" you cannot send eduTEAMS Identity Hub your metadata. eduTEAMS Identity Hub will Make sure your SP is in eduGAIN
  5. Specific entities can be found here: eduTEAMS Identity Hub TEST entities available through eduGAIN
  6. If you need a way to handle discovery, please have a look at the eduTEAMS Discovery Service


  • No labels