You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »

We've created a demo-flow. Any questions about this demo you can email to raoul.teeuwen@surfnet.nl . It's our intention this demo 'always works', but we don't test it every week or so. If it somehow broke, please let us know!


Repeat the demo

If you want to show this demo to someone else while already having been signed-up, you can use a private browser window and sign-up again.
If you use this option, don't forget to execute EVERY step in a private window, also opening the confirmation email link.

How to get access again after finishing the sign-up flow

Already signed up, but want to access the demo service? Access the demo Wordpress-site at https://wordpress.demo.scz.lab.surf.nl/ or COmanage via https://comanage.pilot.scz.lab.surf.nl/registry/ .

COmanage, part of the current SCZ, lets administrators define several types of invitation flows, which are workflows to onboard researchers. You can find more about those flows in the documentation. You can for instance configure whether and what approval you want from for instance an admin.

For this demo, imagine the following: you have a service intended for researchers or you are a research collaboration. Researchers in the collaboration need access to several services, one of which is a website, in this case a WordPress-site (but the idea works for all/most services). The services have been connected to the SCZ FIAM platform. Normally you would not allow anybody access to your research services without knowing who they are. But for this demo you have decided researcher are allowed to self sign up for access to edit content on the Wordpress site. 

So fr the demo we've configured a self signup invitation flow. It's basically a URL you can attach to a text or a button on a website of a research collaboration, with a text like

user Sign up for our XXX research collaboration

Now imagine you're a researcher that wants access.

As your institution probably hasn't connected their IdP (user database) to the SCZ-proxy, you can't use your institutional account to login. For the demo, you can currently login with a Google- or Microsoft-account. So if you don't have either, you can create one or we're sorry but currently you can't use this demo. Please email raoul.teeuwen@surfnet.nl if this is a problem for you, so we'll try to give more priority enabling more demo identity providers.

This demo flow is configured such that, after clicking the link above:

  • To enter our demo, click the "Sign up for our XXX research collaboration"-link.
  • As a new user, in this flow you're presented a form to fill out some personal information (Given name and Gmail or Microsoft email address).
  • After clicking SUBMIT, you see the screen display some provisioning steps after which you're logged out of COmanage.
  • Check your (Gmail or Microsoft) email inbox: an email is sent to the email address supplied, to confirm you have control over that email address (so normally this would be your institutional account). Click the link in the email.
  • After clicking the link in the email, you're taken to a COmanage screen where you can Confirm the registration.
  • After clicking CONFIRM, you're taken to a login screen with a Where Are You From (WAYF) screen. Depending on what email address you've used, you need to select the corresponding IdP ("SCZ Pilot Microsoft IdP" or "SCZ Pilot Google IdP"). As in most WAYF-screens you can start part of the name (suggestion: Gmail or Microsoft) of your IdP in the input field, instead of scrolling the whole list.
  • Login at Google or Microsoft with your credentials.
  • If your authentication was successful, you should now be signed into COmanage. Some steps of the enrollment will be automatically taken and displayed. After the final step, you're signed out. 
  • In the demo you now have access to the demo service(s). Although it's not necessary, you could login to COmanage by clicking LOGIN and sign in with the Google or Microsoft IdP. Assuming you do so successfully, you should see:



  • In the previous steps, you've created a COmanage account and linked it to your Google-id. Within COmanage there are many configuration options which amongst others enable a collaboration to specify whether someone first needs to approve any sign-up. For this demo, we have minimized the needed admin approval. So you can now use your membership of the SCZ demo CO to authenticate at the demo Wordpress-site, which you can visit directly (so without COmanage in between) via https://wordpress.demo.scz.lab.surf.nl/ . On the Wordpress site, you can find the Login option in the lower right corner

  • After clicking 'Log in' select 'Log in via Science Collaboration Zone', the blue bar at the bottom, below the "OR"-line
  • After clicking 'Log in via Science Collaboration Zone', select the SCZ Google or Microsoft IdP, and use the credentials you used to sign up for COmanage (depending on your actual activity, Single Sign-On might be active, making it so you don't need to enter your credentials again.
  • In this demo, you're allowed access to the dashboard of Wordpress.
  • If you email raoul.teeuwen@surfnet.nl that you would like more rights in the SCZ What's Next demo (do so from your institutional account (so Raoul knows who he is giving additional rights)), and mention the gmail-address you used) Raoul will at some moment grant you additional rights by adding you to a group "Wordpress:authors" in COmanage, at which moment you'll be notified of that action and on your next login at the Wordpress demo site, you have more rights and possibilities (you will be able to publish and edit blogs).

This demo currently is showing you how one flow (of many, configurable) works and how a researcher could access a service based on the credentials and attributes in COmanage. Over time, we plan to extend the demo to show more aspects, like non-web access.


  • No labels