Before users can use your service, their Identity Providers need to be coupled with your service. This is done by SURFconext Support, after the Identity Provider has given explicit permission. Generally the less attributes your service requires (in accordance with the minimal disclosure principle of SURFconext), the quicker they will give this permission.
In the SURFconext Dashboard administrators can see your service and decide to request a coupling with it. If your service is meant to be used by only one or a few Identity Providers, you can ask SURFconext not to show your service in the Dashboard.
Fine grained access to your service
When an IdP has been coupled with your service, typically all users at the institution are able to login. Below authorisation options are listed: