This page contains the SAML 2.0 metadata of the SURFconext identity federation test environment.

Metadata

SURFconext metadata for the test environment

DO NOT USE THIS FOR PRODUCTION! production metadata can be found here

• SURFconext IdP proxy metadata
  (for use by Service Providers)
• SURFconext SP proxy metadata
  (for use by Identity Providers)

• SURFconext IdPs metadata
  (for use by Service Providers that build their own WAYF)

Assertion signing certificate

The assertion signing certificate for SURFconext is part of above metadata feeds. For convenience, when working with systems where it needs to be configured separately, you can use the following file.

• engine.test.surfconext.nl 20230403 certificate

SURFsecureID metadata

This metadata is only necessary for those parties that directly interface with the SURFsecureID TEST gateway.

• SURFsecureID gateway IdP metadata
  (for use by Service Providers)
• SURFsecureID Second Factor Only IdP metadata
  (for users of the Second Factor Only endpoint)

The assertion signing certificate contained in the metadata above is sa-gw.test.surfconext.nl 20200228.

Security

When retrieving metadata from this site, you must ensure to check the HTTPS certificate validity. We also recommend to use DNSSEC validating resolvers. If you additionally require XML signed metadata that is signed with a separate metadata signing certificate, please see signed SURFconext TEST metadata

Support and contact

Please refer to the SURFconext documentation for IdPs and SPs for more information on how to use this metadata and where to get support.