The Sambi acceptance test environment is accessible only to members of Sambi. All member metadata published in the Sambi aggregated metadata feed is by confirmed member organizations, that must comply with Sambis trust framework and technical requirements.

Access to Sambi acceptance test environment

All members of Sambi gain automatic access to the acceptance test environment. On finalization of membership, all Technical Contacts can access Federationsadmin by using their e-identification (BankID or Freja eID+). Technical Contacts also have the ability to create Technical Agents to delegate access to the members metadata management. More on creating and managing Technical Agents is found in the user guide.


Uploading metadata to Sambi 

Uploading metadata in Federationsadmin

To upload metadata to Sambi, log on to Federationsadmin with your e-identification (BankID or Freja eID+). Note that you have to be either the member's Technical Contact or Technical Agent to gain access.

Log on to Sambi acceptance test in Federationsadmin

Instructions

For instructions how to manage your metadata in Federationsadmin, please read the user guides for metadata management.

Sending metadata manually to federation operator

An alternative to managing the metadata in Federationsadmin is to use the form linked below to send metadata to the federation operator for validation and verification. If there are errors, the federation operator will request corrections. If everything is ready for upload, the federation operator will contact the Technical Contact to validate metadata checksum (SHA1) before publication to federation.

Link to metadata form

Technical information

Metadata

Metadata for Samb acceptance test i is found below. 

https://fed.sambi.se/accept/md/metadata.xml

Public key for verifying signature of federation metadata is found below.

sambi-accept.crt
-----BEGIN CERTIFICATE-----
MIIFuTCCA6GgAwIBAgIJAKeejH35FYBSMA0GCSqGSIb3DQEBCwUAMHMxCzAJBgNV
BAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcMCVN0b2NraG9sbTEl
MCMGA1UECgwcSW50ZXJuZXRzdGlmdGVsc2VuIGkgU3ZlcmlnZTEVMBMGA1UEAwwM
c2FtYmktYWNjZXB0MB4XDTE3MDgyOTA3MjkyMFoXDTI3MDgyNzA3MjkyMFowczEL
MAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2to
b2xtMSUwIwYDVQQKDBxJbnRlcm5ldHN0aWZ0ZWxzZW4gaSBTdmVyaWdlMRUwEwYD
VQQDDAxzYW1iaS1hY2NlcHQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQCfxXA9HOXUddcJ8pxYbash1TCi5W5nETOlLmKpNw8fElcA7EVC9RdBn6MTCMqQ
aSGkl5FYH/dMco6QhBflenyJ75U1ezKW6yE3XBNISq+5EmXwZwCaNUlrHVDjPxgn
/rlOBGkfFryVEDHeG1awWNfBdRHesSE0mZcZEeWcMwkQsZnrunu79zGV1eTIWXwK
HAjm473Oiid7orijH45idKo0IkXhy8ArvI+IbSrgQciLxoO7WNr2jR1kEWOH5UX8
uML/4PJ98aTybqORKOObjZ2ecUTRteYyfwgwo2fmjnkeStjteV9XTENa3axaANAw
XYWVPy91xg9Rlbbe8jcJ6cPFlDp5xJVjRfzLqesVRpDp3c3eHEJB1Vd6VlWreGip
x/VpSzYzOCxDNDhTeEpuMRyPxlErF9Aq+pYlqI/BODRkTempaS6q6cWcrl4ttwR7
WrkrUzFRYhT1/h3ODFFiTQ1WjMKPuzLAyK8FUPx948o1B5ZKMNENYAlT9RZO7HLg
oXjjNvFwlP43JFUyxAYVWftIDPwXBiFTgR4pWY4nGJqUy799XiH1ObhswSPPt7jO
wBrIQ+EG/e1V5XtoLNKoNUnY4rlkhotxogp5gAhlWsrwGlaab80hW6V0/4zhWh7S
B5y5tEd7d68U66XGnHeR7KM02TQZJwMtiEZrtCggmCE2BwIDAQABo1AwTjAdBgNV
HQ4EFgQUxSbLtoWmWtuthSoMjWIpIwYvr7gwHwYDVR0jBBgwFoAUxSbLtoWmWtut
hSoMjWIpIwYvr7gwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAVV6z
tagUZAb2uBsJ8EP9NXdgc1rgoTf8stDpAlXcN8WEdk8rQ8DAPG9cV/Y3LxCNFbmJ
hJ7CgmSYoQSkW4n5yrw86QUtSGTcrSgw3gVFa9gTu2O2XlJ5ga0DzlJaMcSLKT+I
NMN6ZsLDl8KwFmJ2eQZbBeF5tOh5AUEiFHmQUhSMhoZuf6sMgrbzT5tKXO7lZmM3
4pr7j92Hp9pVc2X0TnowXoZZZ3kR0BIZZiM/Db8gmOLIMJG/4jHERLDEJ2qGRS2M
BxsDu4DlK+sIfZH+1T57NjRYxWWeARLCk2HhlM8E5sTdua5jm5SiaPeyXJ9HdJew
N3PhV5h3lTzXD8XfV6lW3UBvnQKf3LJZELKf70wKQay5CgFDaN+aXc6d2M+/IGcg
O1pzYFyOex/xx9zcM781MNCXJs3n7bbsxO/dmUmKsquUpDMuGOf1rXET6A0VWQeM
gnZNtkrVNac4W7zPcR9Z4m7wOSKwBJRhj5/ntOSv7xHytiLqPuqBfOtLi31yIYRg
CJTaF7fOP1BqPvbP78aklb/KLywoN1MtfPnqgeX6Vftidx/T37sizSscqvU1FwRj
N7VCMjtIhCS6jbYUEJIS6YPQRYRe9pP37B7kcGSMQq/BYt5H54wOjakYCb82nOhl
BYW1BfYuMEP6XPZLm3UqQIBQdLCN5MBzqpryLYc=
-----END CERTIFICATE-----
SHA 256 fingerprint:
13:00:31:03:3F:A4:6F:CC:78:11:66:87:45:D3:E3:41:54:D2:8A:A3:96:16:83:42:30:16:17:2C:C7:4B:D7:9B


Verify metadata with certificate

We recommend verifying the fingerprint of the signing certificate with the federation operator before adding the certificate to your IdP/SP trust. After trusting the certificate, always verify federation metadata signature with signing certificate to guarantee metadata integrity.


Discovery Service (DS)

A centralized SAML 2.0 Discovery Service for Sambi is found below.

https://fed.sambi.se/accept/ds/

The DS is populated with all IdP's from the Sambi metadata. The names shown in the DS are based on the OrganizationDisplayName attribute from the IdP metadata.

Use other ways of discovery

Note that the federation operator does not recommend the usage of the centralized DS for discovery of IdP's in acceptance test environments, due to limitations in user experience. If required, service providers are recommended to implement a method of discovery better suited to their service.


Test services in production?

Currently, there are no test services available in acceptance test. For testing your IdP or SP solution, please feel free to use the test services in the test environment Sambi Trial.



  • No labels
Write a comment…