SURFconext, provided by SURFnet, is a federated identity management service for secondary vocational-, higher education and research in the Netherlands. With SURFconext, users can authenticate at services using their institutional account.
Advantages of SURFconext for Service Providers:
- Connecting once to the platform makes your service available to all connected institutions.
- Fast and easy access for more than 1 million users.
- Certainty about identity of users.
- Less user administration.
- A single point of contact with one connection.
- A long-time trusted partner of education and research institutions.
- Double security through SURFsecureID.
- A single link provides strong authentication for all institutions. As an extra advantage, authentication tools are issued by the institutions locally.
SURFconext also facilitates the exchange of group information. Pre-defined groups like student teams working on a specific course or ad-hoc collaborations can be defined in SURFconext Teams. Services can use these to facilitate collaboration for groups.
Connecting to SURFconext is free of charge.
This manual is The underlying pages are meant for Service Providers and describes describe the aspects of connecting your service to SURFconext.
From a technical point of view, the following is depicted:
Getting your service to work with guest accounts and the advanced user management such as group memberships can be found here:
- How to create guest accounts for users from outside SURFnet.
- VOOT is a service allowing you to retrieve information about users, groups and memberships of groups. As you will be shown, this can make working with groups and giving rights and permissions much easier.
Besides the technical part, you will also need to go through the formal part as shown on these pages:
If you still haven't found what you were looking for, have a look at our Frequently asked questions .
In the rest of this introduction you will find:
- A schematic overview of the relation between Service Providers, Identity Providers and SURFconext.
- An explanation in steps of the authentication flow.