Page tree
Skip to end of metadata
Go to start of metadata


After reading this page you will be ready to publish your service on our production environment. Before you continue, be sure to have to following covered:

  • You have successfully tested your entity on the test environment.
  • The SURFconext Agreement is in place.
  • Your service meets the security requirements, for example HTTPS, SSL.
  • You have a list at hand with the institutions you want to connect with as well as contacts, name and email, we can refer to when sending the connection invite.


Now, your service has been properly tested and contracts are in place and the security requirements are met. This means that your service can be promoted to production. Let's go through this.

Copy to production

Hover over the three dots and press the 'copy to production' button. The Service Provider registration form will open. You can add some last details if needed.


Review data yourself

Before pressing on the 'Publish' button on the bottom of the page, review the data. Check to see if the attributes as released are motivated, the technical and support contacts entered, etc. If you are done, proceed.

Publish service to production

All good? Press 'Publish' to promote your entity to production. Be aware that this does not automatically push the service to the SURFconext production environment since we will review this first. A ticket will be created and a mail will be send to the SURFconext Team. We will review the service and when all good, push the service to production mode.

Check your data

At this stage, we will do some checks. To keep everything up to speed, check the following prior to publishing your service:

  • Think about the attributes your service actually needs. If we find not or poorly motivated use of attributes or in our opinion, to many attributes we can and will discuss this with you.
  • If in this stage our test on SSL Labs fails to meet our requirements, you will need to fine tune your service using our test environment. You will need an overall Rating B or higher. Check this link to get an A rating on SSL Labs.
  • We need to have some references at the institution(s) you will connect to. Have these contacts at hand, name and email, so we can use them to refer to when sending the connection request.
  • If all is OK and you get the confirmation, configure the SURFconext production metadata in your service: https://metadata.surfconext.nl/idp-metadata.xml
  • We will notify you when the service is set to the production environment.

Connect to institutions/IdP's

Remember that at this point the institution (Identity Provider) still needs to be connected to your service. This requires some action from our side as well as the institution. Generally, if we know which institutions are going to use the service, we will inform them to release the requested attributes. Keep a list at hand with the institutions you want to connect to as well as contacts, name and email, we can refer to when sending the connection invite. See how this works (Dutch only).

Edit production entity

When the production entity has the following states, it's possible to edit the entity:

  • draft
  • requested


Update a Production Entity

If an entity has the state 'published' it is currently not possible to change the entity through the SP Dashboard . Contact support@surfconext.nl if you want to submit a change of an entity of your service. You can send us the change by sending an XML or describe the change in the mail. We will process the this and confirm the update to you by mail.




Navigate
  • No labels