Page tree
Skip to end of metadata
Go to start of metadata

Make sure your service supports one of the (open) standards SURFconext uses for authentication. The following options are available:

Need some guidance on choosing the right standard? In general, you will want to choose the protocol that is best supported by your application/framework/development platform. There are more and more ready to use plugins and/or libraries (Please don't try to build your own implementation; use what is already available and thoroughly tested).

Some broad characteristics to help you decide:

SAML Most mature choice
Supports eduGAIN and other federations
Supports SURFsecureID
OpenID ConnectModern protocol with broad library support
Easier to implement but less feature rich
Better suited when your service uses mobile apps

When you decide to go for SAML, have a look at Preparation with SAML 2.0 .

When opting for OIDC, check out Preparation with OpenID Connect .

In case your users (also) login via a mobile app, please read this page.

  • No labels