...
Just expand the list with more IdPs from the SURFconext metadata, and you have created your own WAYF selection page.
OpenID Connect
We also support your own WAYF when When you use OpenID Connect. The documentation on this will be added here soon. In the mean time, send a mail to support@surfconext.nl so we can help you get going, you can create a custom WAYF using the "login_hint" query parameter when calling the authorize endpoint. You can add the IdP entityID as value for this parameter. The entityID's of the connected institutions can be found in the published SAML IdPs metadata. For test, this metadata can be found here: https://metadata.test.surfconext.nl/idps-metadata.xml . For production, you can find it here: https://metadata.surfconext.nl/idps-metadata.xml
Once you have extracted the IdP entityID, you can use it like this (here we do the authorize request for the IdP with entityID: http://mock-idp):
| Code Block |
|---|
https://connect.test.surfconext.nl/oidc/authorize?login_hint=http%3A%2F%2Fmock-idp&scope=openid&response_type=code&redirect_uri=https%3A%2F%2Foidc-playground.test.surfconext.nl%2Fredirect&state=example&nonce=example&client_id=playground_client&response_mode=query |
The oidc-playground can be used to test the login_hint parameter.