...
- Connecting once to the platform makes your service available to all connected institutions (connected IdP's).
- Fast and easy access for more than 1 million users.
- Certainty about identity of users.
- Less user administration.
- A single point of contact with one connection.
- A long-time trusted partner of education and research institutions.
- Double security through SURFsecureID.
- A single link provides strong authentication for all institutions. As an extra advantage, authentication tools are issued by the institutions locally.
SURFconext also facilitates the exchange of group information. Pre-defined groups (e.g. like student teams working on a specific course ) or ad-hoc collaborations can be defined in SURFconext Teams, from which services . Services can use them these to facilitate collaboration for these groups.
| Tip |
|---|
Connecting to SURFconext is free of charge. |
...
- How to connect your service to SURFconext, both formally and technically.
- This Schematic overview gives an overview of the Authentication flows of SURFconext.
- The use of different the environments of SURFconext (test and production).
- If you don't have a contract but you can't wait to get going, start connecting your service to our test environment for which you do not need a contract.
- Attributes can supply your service with the required user info to make your service work. What attributes are, which are available in SURFconext and examples how to make use of them is described here.
- More than one institution also known as identity providers can connect to your service through SURFconext. The Where-Are-You-From (WAYF) selection page helps you with this. When a user logs in to your service, the user will see a list of all institutions connected to your service. If the user has an account with a connected institution, the user simply selects the institution and connects to your service with a single click. The preferred way is to let SURFconext show this page, but you can also make your own.
- SURFconext uses standards to make single sign on possible. Service Providers can choose between SAML and OpenID Connect. The basics of SAML are explained and you will also find also all technical details of SAML authentication requests, responses and assertions. If you wish to use OpenID Connect, refer to the OpenID Connect basics and the OpenID connect authentication flow.
...