KNF:Service provider koppeling testen/en
Nederlands | English |
During the implementation of a connection with Entree Federation the Reference Identity Provider can be used for testing purposes. With the help of this application the authentication proces of a user can be simulated.
Step 1: Start authentication
Open your browser and navigate to the page of your application where you can start the authentication proces with Entree Federation.
Step 2: Select the Identity Provider
You will be redirected to the WAYF-screen (Where Are You From) of the Entree Federation. Click on 'Log in met je schoolaccount' ('Log in with your schoolaccount').
In the window that spreads out you will see a list of schools that are connected to the Entree Federation.
Typ in the searchbox 'referentie' ('reference').
After which you select 'Entree Referentie' and click on 'Verder' ('Continue').
Step 3: Reference Identity Provider
You will now be redirected to the Reference Identity Provider of the Entree Federation. You're shown a list of attributes that will be send to your application. These attributes are divided in a set of Standard attributes (Standaard attributen) and a set of Additional attributes (Aanvullende attributen) (here you can find an overview of the attributes).
- Standaard attributen worden altijd door Entree Federatie aan de Service Provider doorgegeven.
- Aanvullende attributen worden alleen aan de Service Provider doorgegeven indien de school ervoor expliciet toestemming heeft gegeven via een ondertekende Attribute Release Policy.
If necessary you can change the values of the attributes, accept for nlEduPersonHomeOrganizationId and nlEduPersonHomeOrganization.
Note: In order for your application to be able to receive additional attributes from the Reference Identity Provider, Kennisnet has to change the configuration. You can contact Kennisnet for this.
Step 4: Sending the attributes
If you're ready with modifying the attributes you can click on 'Direct verder naar dienstaanbieder' ('Continue directly to Service Provider') on the top of the page or 'Verder naar dienstaanbieder' ('Continue to Service Provider') on the bottom of the page. The authentication message containing the attributes will now be send to your application. Based on these attributes you can identify and authorise the user.