SURFconext also supports OpenID Connect (OIDC) for Service Providers (or Relying Party in OIDC terminology. For the sake of consistency, the term Service Provider will be used onwards). OIDC has several advantages in comparison with SAML:
There are also some attention points:
If you intend to enable your Service Provider for any of these two use cases, SAML is for you.
A schematic overview of the OpenID Connect authentication flow can be found on this page: OpenID Connect authentication flow.
More information on the features of the OIDC gateway can be found here
Ready to connect to SURFconext? Please continue at Preparation with OpenID Connect.