Service Provider

Definition

Service Providers are standard application servers that rely on Identity Providers to let users log in.

Join federation

To join the federation, the service provider management team must deliver its "Metadata". The service provider Metadata describes how the service provider behaves:

  • Which security algorithms it supports.
  • The public portion of its signing and encrypting keys.
  • Which SAML protocols it supports.
  • The URL of each SAML protocol endpoint.
  • Contact information.
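
As an added example (not part of the Soffid documentation or code), the following Python function reads a service provider metadata document and pulls out the items listed above so they can be reviewed before the member is accepted. The sample metadata, its entityID, URLs and certificate text are constructed placeholders, and the function does not verify any metadata signature.

```python
import xml.etree.ElementTree as ET

Q = "{urn:oasis:names:tc:SAML:2.0:metadata}"  # qualified-name prefix for md: elements

# Constructed sample: entityID, URLs and certificate text are placeholders.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://app.example.org/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER-SIGNING-CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER-ENCRYPTION-CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
    </md:KeyDescriptor>
    <md:SingleLogoutService Location="http://app.example.org/saml/slo"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:AssertionConsumerService index="0" Location="https://app.example.org/saml/acs"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:SPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:EmailAddress>mailto:admin@example.org</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>"""

def summarize_sp_metadata(xml_text):
    if "<!DOCTYPE" in xml_text:  # refuse DTDs in metadata received from a third party
        raise ValueError("DOCTYPE not allowed in metadata")
    root = ET.fromstring(xml_text)
    sp = root.find(Q + "SPSSODescriptor")
    if sp is None:
        raise ValueError("no SPSSODescriptor: not service provider metadata")
    # Every direct child carrying a Location attribute is a protocol endpoint.
    endpoints = [(e.tag.split("}")[1], e.get("Binding"), e.get("Location"))
                 for e in sp if e.get("Location")]
    key_uses = sorted(k.get("use", "any") for k in sp.findall(Q + "KeyDescriptor"))
    # Findings: points to question before accepting the member.
    findings = [f"endpoint not https: {loc}" for _, _, loc in endpoints
                if not loc.startswith("https://")]
    if not {"signing", "any"} & set(key_uses):
        findings.append("no signing key published")
    return {
        "entity_id": root.get("entityID"),
        "protocols": sp.get("protocolSupportEnumeration", "").split(),
        "key_uses": key_uses,
        "algorithms": [m.get("Algorithm") for m in sp.iter(Q + "EncryptionMethod")],
        "endpoints": endpoints,
        "contacts": [c.text for c in root.iter(Q + "EmailAddress")],
        "findings": findings,
    }
```

Calling `summarize_sp_metadata(SAMPLE_METADATA)` flags the logout endpoint in the constructed sample because it is published over plain http.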

Standard attributes

The standard attributes depend on the Service Provider type. Currently there are three types:

SAML

Identification
  • publicID: public name of the service provider.
  • Name: friendly user name or brief description.
Service configuration
  • Metadata: you must provide the identity provider metadata. You can either copy it from the Soffid Identity Provider page, or instruct the service provider to download the federation metadata by itself.

To publish the federation members' metadata, the main sync server exports it at the path /SAML/metadata.xml. Thus, if your sync server is listening at soffid1.your.domain, you can get the whole federation metadata document from https://soffid1.your.domain:760/SAML/metadata.xml.
Every federation member will notice any change after some seconds, up to five minutes.

Login rules

  • Allow impersonations
  • UID Script: script to compute the user name to pass to the target application