The Sambi acceptance test environment is accessible only to members of Sambi. All member metadata published in the Sambi aggregated metadata feed is by confirmed member organizations, that must comply with Sambis trust framework and technical requirements.
Access to Sambi acceptance test environment
All members of Sambi gain automatic access to the acceptance test environment. On finalization of membership, all Technical Contacts can access Federationsadmin by using their e-identification (BankID or Freja eID+). Technical Contacts also have the ability to create Technical Agents to delegate access to the members metadata management. More on creating and managing Technical Agents is found in the user guide.
Uploading metadata to Sambi
Uploading metadata in Federationsadmin
To upload metadata to Sambi, log on to Federationsadmin with your e-identification (BankID or Freja eID+). Note that you have to be either the member's Technical Contact or Technical Agent to gain access.
Log on to Sambi acceptance test in Federationsadmin
Instructions
Sending metadata manually to federation operator
An alternative to managing the metadata in Federationsadmin is to use the form linked below to send metadata to the federation operator for validation and verification. If there are errors, the federation operator will request corrections. If everything is ready for upload, the federation operator will contact the Technical Contact to validate metadata checksum (SHA1) before publication to federation.
Technical information
Metadata
Metadata for Samb acceptance test i is found below.
https://fed.sambi.se/accept/md/metadata.xml
Public key for verifying signature of federation metadata is found below.
-----BEGIN CERTIFICATE----- MIIFuTCCA6GgAwIBAgIJAKeejH35FYBSMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNV BAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEl MCMGA1UECgwcSW50ZXJuZXRzdGlmdGVsc2VuIGkgU3ZlcmlnZTEVMBMGA1UEAwwM c2FtYmktYWNjZXB0MB4XDTE3MDgyOTA3MjkyMFoXDTI3MDgyNzA3MjkyMFowczEL MAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2to b2xtMSUwIwYDVQQKDBxJbnRlcm5ldHN0aWZ0ZWxzZW4gaSBTdmVyaWdlMRUwEwYD VQQDDAxzYW1iaS1hY2NlcHQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQCfxXA9HOXUddcJ8pxYbash1TCi5W5nETOlLmKpNw8fElcA7EVC9RdBn6MTCMqQ aSGkl5FYH/dMco6QhBflenyJ75U1ezKW6yE3XBNISq+5EmXwZwCaNUlrHVDjPxgn /rlOBGkfFryVEDHeG1awWNfBdRHesSE0mZcZEeWcMwkQsZnrunu79zGV1eTIWXwK HAjm473Oiid7orijH45idKo0IkXhy8ArvI+IbSrgQciLxoO7WNr2jR1kEWOH5UX8 uML/4PJ98aTybqORKOObjZ2ecUTRteYyfwgwo2fmjnkeStjteV9XTENa3axaANAw XYWVPy91xg9Rlbbe8jcJ6cPFlDp5xJVjRfzLqesVRpDp3c3eHEJB1Vd6VlWreGip x/VpSzYzOCxDNDhTeEpuMRyPxlErF9Aq+pYlqI/BODRkTempaS6q6cWcrl4ttwR7 WrkrUzFRYhT1/h3ODFFiTQ1WjMKPuzLAyK8FUPx948o1B5ZKMNENYAlT9RZO7HLg oXjjNvFwlP43JFUyxAYVWftIDPwXBiFTgR4pWY4nGJqUy799XiH1ObhswSPPt7jO wBrIQ+EG/e1V5XtoLNKoNUnY4rlkhotxogp5gAhlWsrwGlaab80hW6V0/4zhWh7S B5y5tEd7d68U66XGnHeR7KM02TQZJwMtiEZrtCggmCE2BwIDAQABo1AwTjAdBgNV HQ4EFgQUxSbLtoWmWtuthSoMjWIpIwYvr7gwHwYDVR0jBBgwFoAUxSbLtoWmWtut hSoMjWIpIwYvr7gwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAVV6z tagUZAb2uBsJ8EP9NXdgc1rgoTf8stDpAlXcN8WEdk8rQ8DAPG9cV/Y3LxCNFbmJ hJ7CgmSYoQSkW4n5yrw86QUtSGTcrSgw3gVFa9gTu2O2XlJ5ga0DzlJaMcSLKT+I NMN6ZsLDl8KwFmJ2eQZbBeF5tOh5AUEiFHmQUhSMhoZuf6sMgrbzT5tKXO7lZmM3 4pr7j92Hp9pVc2X0TnowXoZZZ3kR0BIZZiM/Db8gmOLIMJG/4jHERLDEJ2qGRS2M BxsDu4DlK+sIfZH+1T57NjRYxWWeARLCk2HhlM8E5sTdua5jm5SiaPeyXJ9HdJew N3PhV5h3lTzXD8XfV6lW3UBvnQKf3LJZELKf70wKQay5CgFDaN+aXc6d2M+/IGcg O1pzYFyOex/xx9zcM781MNCXJs3n7bbsxO/dmUmKsquUpDMuGOf1rXET6A0VWQeM gnZNtkrVNac4W7zPcR9Z4m7wOSKwBJRhj5/ntOSv7xHytiLqPuqBfOtLi31yIYRg CJTaF7fOP1BqPvbP78aklb/KLywoN1MtfPnqgeX6Vftidx/T37sizSscqvU1FwRj N7VCMjtIhCS6jbYUEJIS6YPQRYRe9pP37B7kcGSMQq/BYt5H54wOjakYCb82nOhl BYW1BfYuMEP6XPZLm3UqQIBQdLCN5MBzqpryLYc= -----END CERTIFICATE-----
SHA 256 fingerprint: 13:00:31:03:3F:A4:6F:CC:78:11:66:87:45:D3:E3:41:54:D2:8A:A3:96:16:83:42:30:16:17:2C:C7:4B:D7:9B
Verify metadata with certificate
We recommend verifying the fingerprint of the signing certificate with the federation operator before adding the certificate to your IdP/SP trust. After trusting the certificate, always verify federation metadata signature with signing certificate to guarantee metadata integrity.
Discovery Service (DS)
A centralized SAML 2.0 Discovery Service for Sambi is found below.
https://fed.sambi.se/accept/ds/
The DS is populated with all IdP's from the Sambi metadata. The names shown in the DS are based on the OrganizationDisplayName attribute from the IdP metadata.
Use other ways of discovery
Note that the federation operator does not recommend the usage of the centralized DS for discovery of IdP's in acceptance test environments, due to limitations in user experience. If required, service providers are recommended to implement a method of discovery better suited to their service.
Test services in production?
Currently, there are no test services available in acceptance test. For testing your IdP or SP solution, please feel free to use the test services in the test environment Sambi Trial.
Add Comment