This page contains the SAML 2.0 metadata of the SURFconext identity federation test environment.
Metadata
SURFconext metadata for the test environment
DO NOT USE THIS FOR PRODUCTION! production metadata can be found here
- SURFconext IdP proxy metadata
(for use by Service Providers) - SURFconext SP proxy metadata
(for use by Identity Providers)
- SURFconext IdPs metadata
(for use by Service Providers that build their own WAYF)
Assertion signing certificate
The assertion signing certificate for SURFconext is part of above metadata feeds. For convenience, when working with systems where it needs to be configured separately, you can use the following file.
SURFsecureID metadata
This metadata is only necessary for those parties that directly interface with the SURFsecureID TEST gateway.
- SURFsecureID gateway IdP metadata
(for use by Service Providers) - SURFsecureID Second Factor Only IdP metadata
(for users of the Second Factor Only endpoint)
The assertion signing certificate contained in the metadata above is sa-gw.test.surfconext.nl 20200228.
Security
When retrieving metadata from this site, you must ensure to check the HTTPS certificate validity. We also recommend to use DNSSEC validating resolvers. If you additionally require XML signed metadata that is signed with a separate metadata signing certificate, please see signed SURFconext TEST metadataSupport and contact
Please refer to the SURFconext documentation for IdPs and SPs for more information on how to use this metadata and where to get support.