- Procedural / contractual
Because this integration option uses SURFconext for the first factor and privacy sensitive information from the user is transferred to the service, it is necessary to have the correct agreements in place. Make sure you follow the SURFconext contractual obligations. This step is not necessary when you use the SURFsecureID test environment.
Technically, your service will connect to SURFsecureID directly. However, because indirectly your service also uses SURFconext, you will need to register your service in the SURFconext SP dashboard. For SURFsecureID pilot and production environment, you need to In this dashboard you must configure a SURFconext production SP, for SURFsecureID test you need to Production SP when you want to use the SURFsecureID pilot or production environment. For SURFsecureID test you must configure a SURFconext test SP.
When this is done, you need to implement the technical connection with SURFsecureID. Making this connection is similar to making a SURFconext connection. See also these SAML message examples. These technical steps are necessary the same for each SURFsecureID environment.