KNF:Service provider koppeling testen/en

Uit Kennisnet Developers Documentatie
Naar navigatie springen Naar zoeken springen
Nl.gif Nederlands En.gif English

During the implementation of a connection with Entree Federation the Reference Identity Provider can be used for testing purposes. With the help of this application the authentication proces of a user can be simulated.

Step 1: Start authentication

Open your browser and navigate to the page of your application where you can start the authentication proces with Entree Federation.

Step 2: Select the Identity Provider

You will be redirected to the WAYF-screen (Where Are You From) of the Entree Federation. Click on 'Log in met je schoolaccount' ('Log in with your schoolaccount').


In the window that spreads out you will see a list of schools that are connected to the Entree Federation.


Typ in the searchbox 'referentie' ('reference').

Wayf referentie 01.PNG

After which you select 'Entree Referentie' and click on 'Verder' ('Continue').

Wayf referentie 02.PNG

Step 3: Reference Identity Provider

You will now be redirected to the Reference Identity Provider of the Entree Federation. You're now shown a list of attributes that will be send to your application. The attributes arre divided in a set of Standard attributes and a set of Additional attributes (here you can find an overview of the attributes).

  • Standaard attributen worden altijd door Entree Federatie aan de Service Provider doorgegeven.
  • Aanvullende attributen worden alleen aan de Service Provider doorgegeven indien de school ervoor expliciet toestemming heeft gegeven via een ondertekende Attribute Release Policy.
Referentie Identity Provider 01.PNG

If necessary you can change the values of the attributes, accept for nlEduPersonHomeOrganizationId and nlEduPersonHomeOrganization.
Note: In order for your application to be able to receive additional attributes from the Reference Identity Provider, Kennisnet has to change the configuration. You can contact Kennisnet for this.

Step 4: Sending the attributes

If you're ready with modifying the attributes you can click on 'Direct verder naar dienstaanbieder' ('Continue directly to Service Provider') on the top of the page or 'Verder naar dienstaanbieder' ('Continue to Service Provider') on the bottom of the page. The authentication message containing the attributes will now be send to your application. Based on these attributes you can identify and authorise the user.