Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • The introduction explains the basics of SURFsecureID. Mainly there are only three steps to be taken.
  • On the next page (Architecture) you will find a picture showing the relation between the different 'actors': the SURFsecureID gateway, the SURFconext gateway, the SP's and the Second factors (SMS, Tiqr and YubiKey). Also the authentication flow, consisting of 6 steps, is explained.
  • On the page Levels of assurance you can read that in SURFsecureID there are three different levels of assurance:
    -  LoA 1: only password authentication
    -  LoA 2: password + SMS of or Tiqr
    -  LoA 3: password + Yubikey or FIDO2 (hardware token)
    Explained is also why in SURFsecureID the attributes do not have a level of assurance.
  • The road map shows you the plans SURFnet has to improve further the qualities of SURFsecureID. You are encouraged to engage in our periodic SURFconext meetings or contact us at to discuss your strong authentication needs.
  • In the FAQ you will find a list of the most commonly asked questions, together with our answers on them.
  • In the Documentation for Identity Providers (Dutch), you will find information on how institutions are able to use this service. This has above all an organizational impact, rather than a technical one.
  • The last part of this wiki, Documentation for Service Providers, gives a lot of detail (technical) information specific for Service Providers.