OpenID Connect now available in SURFconext for suppliers
29 AUG 2017
Suppliers who want to connect to SURFconext are now able to choose from two open standards for their technical connection: SAML and OpenID Connect (OIDC). There are more default implementations that use OpenID Connect, making it easier for services to connect to SURFconext. The first supplier is already connected.
SAML and OpenID Connect
OpenID Connect is a modern protocol, based on OAuth 2.0. There are now more default implementations available that use OpenID Connect than with SAML, so this makes it simpler for a supplier to make their application suitable for federated authentication through SURFconext. The expectation is that this will in turn mean more services become available through SURFconext.
First supplier connected
The first supplier to connect using OpenID Connect is Leerpodium. Leerpodium recently successfully hooked up their e-portfolio service to SURFconext using OpenID Connect, allowing users at both the Amsterdam University of the Arts and the ArtEZ Institute of the Arts to log into this service. The users still log in 'normally' via SAML at their institution as before, while SURFconext converts an SAML login to OpenID Connect without needing to change the institution's identity provider (IdP).
Want to find out how connecting to SURFconext via OpenID Connect works?
- Read the documentation about how to connect on the SURFconext wiki.
- For more background information about OpenID Connect, read the blogpost Easier for suppliers to connect to SURFconext using OpenID Connect.