We have a test and production environment your service can connect with. You will start with defining your service in our Test environment, to verify it works as expected. This environment is standardized and in close alignment with the production environment. After you have requested to publish the service to production and if we confirm all requirements are met, such as the necessary contracts and TLS requirements, we will accept the service to be deployed to our Production environment making it available to all users of SURFconext. This page outlines the differences between these environments.
SURFconext Ecosystem | |||
| SURFconext Test | SURFconext Production | ||
| Test mode | Production mode | ||
|
| ||
IdP metadata: | IdP metadata: | ||
Please note that SURFconext acts as an identity provider to services and is the only IdP a service connects to. That is why you use the IdP Metadata links as stated in the table above.
SURFconext Test environment
- For testing purposes only
- Test with the SURFconext test IdP or institutions test IdP's (if available)
- No contract necessary
- New SP's can be configured via Selfservice SP-Dashboard
- SAML: Specific IdP metadata needed
- OpenID Connect: specific .well-known endpoint
SURFconext Production environment
- Contracts need to be in place
- Production IdP's available only
- Meet the SSL/TLS Requirements as stated on this page for both SP's and IdP's.
- SAML: Specific IdP metadata needed
- OpenID Connect: specific .well-known endpoint
Actions IdP's can take
Some Institutions/IdP's want to test services before a service is connected in Production Mode, with identities the institution controls:
- Institutions that want to test a service connected to the SURFconext test environment are recommended to configure a test IdP and request the SURFconext team to connect that test IdP to the SURFconext test environment.