...
Institution group providers: some institutions have configured a group provider. Groups configured locally are published within SURFconext.Groups information is retrieved via the VOOT protocol.
There are several ways to obtain group information as an SP from SURFconext:
- Attribute Aggregation: SURFconext handles fetching the group information for you, and supplies it to your SP as an extra SAML attribute
isMemberOf(multi-valued). You do not need to implement anything in your SP other than using the new attribute. It can only be used however if your SP wants to know about a predefined fixed set of group names. Ask SURFconext Support to enable this for your SP, and specify the group Ids you're interested in. - Query our group API via a library: For SP's using simpleSAMLphp, there is a ssp-voot-groups module you can install in simpleSAMLphp that handles the querying of the API for you. Ask SURFconext Support for API credentials and configure this in the module.
- Implement the VOOT API: You can talk directly to our VOOT protocol API which is a REST API protected with OAuth 2.0. Learn more about the VOOT protocol.
...
...