We've created a demo-flow. Any questions about this demo you can email to raoul.teeuwen@surfnet.nl . It's our intention this demo 'always works', but we don't test it every week or so. If it somehow broke, please let us know! Our GÉANT colleagues are developing eduTEAMS, which, not entirely accidental, looks a lot like our SCZ. They also have a demo-environment, which you can use if ours doesn't work, or if you want to check out COmanage alternatives Hexa and/or Perun (GÉANT has a comparison of those three), or try other services.
Important message
As your institution probably hasn't connected their IdP to SCZ-FIAM, you can't use your institutional account to login. For the demo, you can currently login with a Google- or Microsoft-account.
If you don't have either, you can create one or we're sorry but currently you can't use this demo.
Also: please, always check whether you have followed this demo instructions before telling us something doesn't work.
Repeat the demo
How to get access again after finishing the sign-up flow
COmanage, part of the current SCZ FIAM, lets administrators define several types of invitation flows, which are workflows to onboard researchers. You can find more about those flows in the documentation. You can for instance configure whether and what approval you want from for instance an admin.
For this demo, imagine the following: you have a service intended for researchers or you are a research collaboration. Researchers in the collaboration need access to several services, one of which is a website, in this case a WordPress-site (but the idea works for all/most services). The services have been connected to the SCZ FIAM platform. Normally you would not allow anybody access to your research services without knowing who they are. But for this demo you have decided researchers are allowed to self sign up for access to edit content on the Wordpress site, without any approval.
So for the demo we've configured a self signup invitation flow. It's basically a URL you can attach to a text or a button on a website of a research collaboration, with a text like
Sign up for our XXX research collaboration
Now imagine you're a researcher that wants access.
Assuming you've read the above, there are 3 steps in this demo. A generic part (which creates a user in the demo COmanage Collaborative Organisation), after which you can both access a Wordpress site via your browser as well as a VM via SSH. Apart from showing you this works for both web and non-web, this also shows you that by creating just one user at the SCZ, access is created in several connect services.
This demo currently is showing you how one flow (of many configurable flows) works and one (of many) way of how a researcher could access a service based on the credentials and attributes in COmanage. Over time, we plan to extend the demo to show more aspects.
In the terminal window, we are going to access the machine at sandbox1.aws.scz.lab.surf.nl . So the command is:
ssh <your userid>@sandbox1.aws.scz.lab.surf.nl -p 2022
ssh raoul86@sandbox1.aws.scz.lab.surf.nl -p 2022