Page tree
Skip to end of metadata
Go to start of metadata

The table below shows the differences for a service between the two authentication options. Note that both options can be used by an institution protecting it's services. For each service the most appropriate integration option can be chosen.

FeatureStandard authenticationSFO authenticaton
Authentication of first factorAlwaysNever, should be done by the service itself
Authentication of second factorYes, based on policy between IdP and SPAlways
User registrationUsing SURFsecureID selfservice registration and vetting by an RA
Standard SURFconext featuresAttributes, Authorization, persistent identifiersNone
  • No labels