Once your service is connected to SURFconext you can reach more than a million users from the Dutch higher education and research institutions. Service providers don't have to worry about user accounts and passwords: this is managed by the institutions (Identity Providers). | |
The Single Sign On principle of SURFconext allows users to log on safely to multiple services with their own institution account. | |
SURFconext is the central point where the connection between a service and its users is made. SURFconext manages authentication and authorization. | |
| In the contract between SURFconext and the Service Provider agreements are made about privacy of the users and protection of the information to be exchanged.
|
| The level of service (availability and uptime) an Identity Provider can expect from SURFconext is defined in a SLS. |
| A Service Providers is an organization offering internet based services - e.g. webshops, videoplatforms, publishers or online courses provided by an educational institution - via SURFconext to users from Identity Providers. |
| An Identity Provider is an institution providing information about the identity of users. Users authenticate at the login page of their own institution and are sent then to your service via SURFconext. |
Identity Providers and Service Providers are connected with one endpoint to SURFconext. SURFconext has one endpoint for Service Providers and one for Identity Providers. | |
Employees or students of different institutions often work together. With SURFconext you can create a new organization where users from different institutes work together. This organization functions in the same way as an Identity Provider. | |
External users can have access to SURFconext services as guest user. | |
Guest users authenticate via social media like Facebook, Twitter or LinkedIn and because of this their identity is not verified. So there is no certainty about the correctness of the user's identity. |
