KNF:Service provider koppeling testen/en

Uit Kennisnet Developers Documentatie
Naar navigatie springen Naar zoeken springen
Nl.gif Nederlands En.gif English


During the implementation of a connection with Entree Federation the Reference Identity Provider can be used for testing purposes. With the help of this application the authentication process of a user can be simulated.

Step 1: Start authentication

Open your browser and navigate to the page of your application where you can start the authentication process via Entree Federation.

Step 2: Select the Identity Provider

You will be redirected to the WAYF-screen (Where Are You From) of the Entree Federation.

Wayf01.PNG



Typ in the searchbox 'referentie' ('reference').

Wayf referentie 01.PNG


>


After which you select 'Referentie Omgeving' and click on 'Verder' ('Continue').

Wayf referentie 02.PNG


Step 3: Reference Identity Provider

You will now be redirected to the Reference Identity Provider of the Entree Federation. You're shown a list of attributes that will be send to your application. These attributes are divided in a set of Standard attributes (Standaard attributen) and a set of Additional attributes (Aanvullende attributen) (here you can find an overview of the attributes).

  • Standard attributes will always be passed on to a Service Provider by Entree Federation during an authentication.
  • Additional attributes will only be passed on to a Service Provider after the school has given explicit permission by the means of a signed Attribute Release Policy.
Referentie Identity Provider 01.PNG



If necessary you can change the values of the attributes, accept for nlEduPersonHomeOrganizationId and nlEduPersonHomeOrganization.
Note: In order for your application to be able to receive additional attributes from the Reference Identity Provider, Kennisnet has to change the configuration. You can contact Kennisnet for this.

Step 4: Sending the attributes

If you're ready with modifying the attributes you can click on 'Direct verder naar dienstaanbieder' ('Continue directly to Service Provider') at the top of the page or 'Verder naar dienstaanbieder' ('Continue to Service Provider') at the bottom of the page. The authentication message containing the attributes will now be send to your application. Based on these attributes you can identify and authorise the user.