We assume you've read Connecting services to the SCZ-environment before reading the info below.
When you provide a service that users can access via a web browser, you can connect it using the SAML-protocol or OpenID Connect. On this page we share the recipe to connect such a service using SAML:
After setting up your environment, you need to configure your software using the IdP metadata of the SCZ platform and supply the SCZ team with the metadata of your SP.
The SAML metadata of the SCZ is located at https://meta.pilot.scz.lab.surf.nl/proxy_idp.xml
The SAML metadata of your service (either as a URL or an XML file) should be sent by email to firstname.lastname@example.org, specifying which service you want to connect to the SCZ environment.
Depending on other priorities, we will import your metadata as soon as possible, but within 5 working days.
Once the metadata has been exchanged, you should be able to authenticate via the SCZ. However, the only information about a user you will receive is a unique identifier.
To get more information about a user (name, email, etc.), the service should be added to a collaboration. In order to do this, log in to COmanage and select your collaboration. If you don't have a collaboration set up yet, please contact email@example.com.
In your collaboration, go to Configuration/Services and add a new service. The information entered here is mainly for display purposes to the users of your collaboration, except for the parameter Service Label, which should contain the literal identityid of your service.
Once you have added this service, you need to manually reprovision your users. This is an unfortunate problem with COmanage, which we will address soon. Go to Settings/Provisioning targets. Find the ZoneProvisioner target in the list and press its "Reprovision all" button.
Once this is done, users who are members of your collaboration are able to log in to the service with a full attribute set.
Since the SCZ environment is actively being worked on, this documentation might not be totally accurate at the time you read this. If you run into difficulties or have any other questions, please email firstname.lastname@example.org.