Versions Compared

Old Version 1

changes.mady.by.user Rasmus Larsson

Saved on

compared with

New Version Current

changes.mady.by.user Rasmus Larsson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

The Fedkom Klassa access solution production environment is accessible only to members of Fedkom and

  1. members that have signed an agreement for Svenska federationer with access to KLASSA, and
  2. opted-in non-municipality members

...

  1. of Sambi and Skolfederation.

All member metadata published in the Fedkom Klassa access solution aggregated metadata feed is by confirmed member organizations, that must comply with the trust framework and technical requirements.

Access to

...

Klassa access solution production environment

...

Uploading metadata to

...

Klassa access solution

Metadata opt-in from Skolfederation or Sambi

If your member organization is a Swedish municipality and a member of either Skolfederation or Sambi and not a municipality*, you have the option to include existing or new entities in Fedkomthe Klassa access solution. This is done by:

  1. Applying the opt-in Entity Attribute as defined in the Fedkom Klassa access solution policy
  2. Uploading the entity metadata to Skolfederation or Sambi via Federationsadmin

...

Once the opt-in Entity Attribute is correctly applied and the metadata has been published, the entity will be included in Fedkom the Klassa access solution in accordance with the federation policy.

Info
titleOpting in if municipality

*If your member organization is a municipality, opting in will include you in the Fedkom metadata feeds.


Info
titleMetadata Publication Delay

After publishing your entity with the opt-in Entity Attribute, it may take up to approximately one hour before the entity is published in the

Fedkom

Klassa access solution feeds.

This delay is due to differences in metadata aggregation and publishing cycles between the federations and

Fedkom

Klassa access solution.

Sending metadata manually to federation operator

...

Technical information

Metadata

Fedkom produces three metadata Klassa access solution produces three metadata feeds available for consumption:

Metadata feedURL
All entities (IdP and SP)https://md.openfed.se/prod/md/metadata_
set1
set2_01.xml
All SP's onlyhttps://md.openfed.se/prod/md/metadata_
set1
set2_sp_01.xml
All IdP's onlyhttps://md.openfed.se/prod/md/metadata_
set1
set2_idp_01.xml

Public key for verifying signature of all Fedkom Klassa access solution metadata feeds is found below.

...

A centralized SAML 2.0 Discovery Service for Fedkom Klassa access solution is found below.

https://md.openfed.se/prod/ds/

The DS is populated with all IdP's from the Fedkom metadata. The names shown in the DS are based on the OrganizationDisplayName attribute from the IdP metadata.

Info
titleUse other ways of discovery

Note that the federation operator does not recommend the usage of the centralized DS for discovery of IdP's in production environments, due to limitations in user experience. If required, service providers are recommended to implement a method of discovery better suited to their service.

Generic errorURL handler

A generic errorURL handler is provided in the federation. More information: Generic errorURL handler.