Date: Thu, 28 Mar 2024 18:55:49 +0100 (CET) Message-ID: <1631631663.7659.1711648549402@wiki01p.surfnet.nl> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_7658_793368885.1711648549402" ------=_Part_7658_793368885.1711648549402 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Federated authentication means that a user logs in on another location (= an Identity Provider) than that of the accessed service (a Service Provider= ). SURFconext is located between those locations. Each of the providers has= only one trusted connection with SURFconext: this is why this is called a = hub-and-spoke federation. The connections are 'trusted', b= ecause both the Service Provider and the Identity Provider have identified = themselves to SURFconext.
Read on to find out more about the authentication flow<= /strong> when using SURFconext. Your service must use SAML or OpenID Connec= t when you connect with SURFconext. These are both standards for exchanging= authentication and authorization data between parties, identity providers = and service providers.