Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page describes the differences between SURFconext and SURFsecureID that are relevant for a SAML service provider (SP) that is migrating from SURFconext to the SURFsecureID gateway, or that is using both simultaneously.Please note that

SURFsecureID does not yet support OpenID Connect whereas SURFconext does. If you must use OpenID Connect, an OpenID Connect - SAML proxy may be an option (like SaToSa)Note that this is only relevant if you connect to the SURFsecureID gateway directly because you need advanced features. Normally, SP's that want to use SURFsecureID can just interfacce with SURFconext.

Architecture

SURFconext (engine.surfconext.nl) and SURFsecureID (sa-gw.surfconext.nl) are both SAML proxies. The image below shows how SURFconext and SURFsecureID relate to each other.

...