Versions Compared

Old Version 2

changes.mady.by.user Rasmus Larsson

Saved on

compared with

New Version 3

changes.mady.by.user Stefan Halen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

All members of Fedvis gain automatic access to the production environment. On finalization of membership, all Technical Contacts can access Federationsadmin by using their e-identification (BankID or Freja eID+). Technical Contacts also have the ability to create Technical Agents to delegate access to the members member's metadata management. More on creating and managing Technical Agents is found in the user guide.

Uploading metadata to Fedvis 

...

To upload metadata to Fedvis, log on to Federationsadmin with your e-identification (BankID or Freja eID+).

Note that you : You have to be either the member's Technical Contact or Technical Agent to gain access.

Log on to Fedvis in Federationsadmin

Info
titleInstructions
For instructions how to manage your metadata in Federationsadmin, please read the user guides for metadata management.

Sending metadata manually to federation operator

An alternative to managing the metadata in Federationsadmin is to use the form linked below to send metadata to the federation operator for validation and verification. If there are errors, the federation operator will request corrections. If everything is ready for upload, the federation operator will contact the Technical Contact to validate metadata checksum (SHA1) before publication to federation.Link to metadata form

Technical information

Metadata

Metadata for Fedvis is found below. 

https://fed.sambifedvis.se/prod/md/metadata.xml

Public key for verifying signature of federation metadata is found below.

Code Block
languagebash
titlesambiinternetstiftelsen.crt
-----BEGIN CERTIFICATE-----
MIIFtTCCA52gAwIBAgIJAJIxSfDidpyHMA0GCSqGSIb3DQEBCwUAMHExCzAJBgNVMIIFxTCCA62gAwIBAgIUOzUhMH9lGnTxeR9v1AQ2I7NYt4IwDQYJKoZIhvcNAQEL
BAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTElBQAwcTEUMBIGA1UEAwwLU0FNTC1zaWduZXIxKDAmBgNVBAoMH1RoZSBTd2VkaXNo
MCMGA1UECgwcSW50ZXJuZXRzdGlmdGVsc2VuIGkgU3ZlcmlnZTETMBEGA1UEAwwKIEludGVybmV0IEZvdW5kYXRpb24xGzAZBgNVBAsMEkZlZGVyYXRlZCBTZXJ2aWNl
c2FtYmktcHJvZDAeFw0xNzA4MjkwNzI5NDBaFw0yNzA4MjcwNzI5NDBaMHExCzAJczESMBAGA1UEBwwJU3RvY2tob2xtMCAXDTIzMDkxODEyNDI0NVoYDzIxMjMwODI1
BgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sMTI0MjQ1WjBxMRQwEgYDVQQDDAtTQU1MLXNpZ25lcjEoMCYGA1UECgwfVGhlIFN3
bTElMCMGA1UECgwcSW50ZXJuZXRzdGlmdGVsc2VuIGkgU3ZlcmlnZTETMBEGA1UEZWRpc2ggSW50ZXJuZXQgRm91bmRhdGlvbjEbMBkGA1UECwwSRmVkZXJhdGVkIFNl
AwwKc2FtYmktcHJvZDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMYKcnZpY2VzMRIwEAYDVQQHDAlTdG9ja2hvbG0wggIiMA0GCSqGSIb3DQEBAQUAA4IC
8u6sfvbxgSGqBz4VPi0Bp1m6XevG1VArxDwAwggIKAoICAQDQQh8F4KvzuSoYOB3aNlAD0/wFgE6TXi4imToa4nBP41p+Ks9aFDVjj4i9IQVRr2MnCrlBABQThCY4nP
w/+SsFAiBmc4OanMPdclJE50FQRFQrKVyT7IzAi+HlkXNEKm1W8B9VviJFniEsw8
zEg/8rSHPSp/zZ3KhiFEN/OpNJAAf+HgRIBlbaDGaoWf5ovHlb0RDlmOee1OsPtA
AcE6hUMVJNw6mXuSiQwdBku2eHYfKJnprYMGfvAYxz/11guATCKvUr74mGsMkGiz
6Pdac+1U2aOhjaGGgJXCz+hy3q4lVRA3Z3yJHnLg1HVyGdQoY/BXOVvDjMSOxdMX
zEQdHqzIxwIpeJEpWlISidfSDsc6v83SZlfppiGITkJAOzC+zwMhoOrIp3PYpW5m
RmiX6BQHCCKSkh++UvvuAyt6P0a6+xKKgCLNqHyvb8W4YBNoHc4HVDxpsZlcAC3f
REgvUzkcfCldPoIn1ChlJ82xW5WuzbKGNWfHIM5bi37PtOT+RhYwv5eCd/M0xmX9
eO4NzuxAlMMdOX2mNft4kCIn/PPGCcAmIxuDtdsrHTXV1fLPcYZl2e2yZtnWqoWx
9/3gBJKQsBmdus3nSkGNUIFC5LrBN730rzPOKk8zmmdB1GwuhUZN8PZO5S6I450J
ow+llF6We8Pg+PH6njBDHWeN4CPlYytJiJ+5Tnq9AgMBAAGjUDBOMB0GA1UdDgQW
BBRRJbdHmh7Nxi5otLkK/L0bYeGSFTAfBgNVHSMEGDAWgBRRJbdHmh7Nxi5otLkK
/L0bYeGSFTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQA7Xxp6wv68
zx0pgO9npFQFQ263hScdmNMcZOtwBCZx6A0iIUCK6nPKmFX7qNXUetlwqqHLOnXI
Wbn+93sLDf5kSpu4Ou53DCIhEjLFto8AT5aiezV86UhLmcjm9oic1FHUq/40qadV
iYZ8jkAZR+2rkdF1undnaOKdBJIsXkVttcpDzhNm0mqOD0hVd8/R62pLEOajaWhh
jm+uq/qKlYlpF5+cJ0gF4WAbr7N2r/CFQARCuF8XujZpfJ8wZDyMLJ8LRams2ur3
Zxt8lBiJR+t3KxScSEnUVbbzo141XrGg2sd/9+FmyOyIUtHrK5P2Zn4r3OmXuVDw
11KVw+RZTSzk4IlLrz6fFWi8rEqjQaBbZd8vj311jDSfsINmKt0FJb2W6VhQltCk
Y/7XnEbJQhzz3s8OeNZo5snFbGNpoxV8fv+Ubta00YVPT3Cmqfv9IF1LEs+6GuCR
YZbm0bhIm1/i02om7Rgkg6AGgIR0p+m0tmlZmNRm4MPz3CFF2mInMirIHYmGEqH4
Lc9+dCMNTgN9+0Pp0LdwzfyqanmoJlY86uTVEJv27+rqpm+GVDXoQOIW/D6U3xxy
QFmoez5eArI7Zs7x5G1UVm58br7HahuMPAVwiuSfR/O7UdQTcgN7Lt3Scm9vgMeP
VkQ7+EQl7xk5NB0/Ewi/FfzEerm7Jm+CGg==SMjLAgzL8FRUJ0utAOFeLqMq/fndXORZW7Xl/wmlGCJx2+xfyYgdT4+wQghbPV0M
4zmKyWunl5N84A5DrhPltoCTVS6I3ucAgpzMh132y9YnM88MW4+EuTt3+oRXstA8
fpJ3xIX3x0DUDk59eH/0FQwALrK3CkY5xcb1FBAqFAQgw/mU6V1zyZIQ+Qz3iL5A
kWV2yeCKstz4qWbNnGGxSBq3JnPUcoWLs9QJOTxTHqK4f40ZXqeOjPKxmY7q+2LP
BAe9xvP08y2M8d78+fll1aqQRJc3D8jd9WEwPuMf8Dqs//Nfk7UC3Gl7wjqQArKz
fY9poeEY2WwNMOsfnmtFlO3yCZzvLgWXbil6afzSKBjIZZuoyuKWAzZV+PJgzwWd
BnTxbZxw91lXWZzus1EUL9W89P25cHoZVlDWIMoidDDv8BEGZ5Uk6J4BejHcADpg
8ab7dL8CEz2LppVnQKQNjHoatQji74KF8nPIppGbasVaCJlugaOY02MmVYo32T6l
3Dxtc4cCAdEXjVfWvhcRTu4A9qqIYaAIeG5zJ88nyeynW1NIzyDyI1VYMqypsTKt
MHcsx2DMTR+M3+EEN340JfvkcjN6BbRTW6IispFBDAIIzwxdbzjNlm+6XwIDAQAB
o1MwUTAdBgNVHQ4EFgQUOfgCEzWuxk5w2v0uSY97ydRDasQwHwYDVR0jBBgwFoAU
OfgCEzWuxk5w2v0uSY97ydRDasQwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAgEAKQm/y1SxXPT1wk5nhmMgwtLYpq5OrASrH1fhVV8cli9Mf1PmOvHW
UfishBZmFO53IaxJRS12PyDdWIzzO0L/XWIST5HPGWV7i2VcXWG9yyVBNar2maRX
OA5VaNVjMW0UMxo3udkm7QBqsiJ1wOzTwyEQLHyJgB7td1/ikVrUC8joknyBH9wX
p4GtdRe9gbykDpLWp6Oi96/hr8NrCQE8CP+inXUGLSYv35DOmalbi77MD0leLVzw
OGOLApuqgoL/RoXvYN30slABCdPBTml03Ylhhz/+GY4sy04a+8cgXeMadvBGB/S6
mh89egIDkTYpqg4WPVuGcmZNU+qBzKc5mdr5Y/Fcv1dbwJanUDLXW8OasRhSsaGP
p7G6vSWP3Myke1GqV0eonvN3unvnFURndOi01zFd9IbGfQTZbzkM4QbSRrO7zeqR
vpEQDlEFIuWaVuKjsgzED3Pf9znTNOXgRg7CR2yRQYyY3SCVEaowKrEJUvNVCeMN
gXnFVx5tPUZIn612cpPVundlVnEgvtzmP9lHir2LyTMgHrbIPVHegTUtR8V+WEVz
vCF7w/2eNqaBkslG8syDz9QxQH1EE/Gl0wuWWHYFz9NGf7kBYKsGrlFM5D5uibRd
lhJ8whmDQfNiP9pLpm3Mjz4b6/CuBOWD9ImRepBqraKNo0JM5l0zj48=
-----END CERTIFICATE-----

...

Code Block
SHA 256 fingerprint:
3555:3FB2:3AD1:24B2:4BD1:B265:792B:6ED2:B8F4:41A0:651F:00DA:AF9A:59E2:8845:6757:16A8:5DCF:E5D4:9A6A:EF9E:4640:DB1C:37F5:2457:8743:BAA0:3EE8:006B:888E:A4E3:A258


Info
titleVerify metadata with certificate

We recommend verifying the fingerprint of the signing certificate with the federation operator before adding the certificate to your IdP/SP trust. After trusting the certificate, always verify federation metadata signature with signing certificate to guarantee metadata integrity.

Discovery Service (DS)

A centralized SAML 2.0 Discovery Service for Fedvis is found below.

https://fed.sambi.se/prod/ds/

The DS is populated with all IdP's from the Fedvis metadata. The names shown in the DS are based on the OrganizationDisplayName attribute from the IdP metadata.

Info
titleUse other ways of discovery

Note that the federation operator does not recommend the usage of the centralized DS for discovery of IdP's in production environments, due to limitations in user experience. If required, service providers are recommended to implement a method of discovery better suited to their service.


Info
titleTest services in production?

Currently, there are no test services available in production. For testing your IdP or SP solution, please feel free to use the test services in the test environment Fedvis Trial.

...