SURFconext also supports OpenID Connect (OIDC) for Service Providers (or Relying Party in OIDC terminology. For the sake of consistency, the term Service Provider will be used onwards). OIDC has several advantages in comparison with SAML:

There are also some attention points:

If you intend to enable your Service Provider for any of these two use cases, SAML is for you.

A schematic overview of the OpenID Connect authentication flow can be found on this page: OpenID Connect authentication flow.

Ready to connect to SURFconext? Please continue at Preparation with OpenID Connect.