Be prepared

Before you continue to go live with your production entity, be sure to have covered the following:

  • You have successfully tested your entity on the test environment.
  • The SURFconext Agreement is in place / The SURFconext-representative has given approval
  • Your service meets the security requirements and makes use HTTPS and TLS.
  • You have a list at hand with the institutions you want to connect with as well as contacts, name and email, we can refer to when sending the connection invite.

Add new entity for production environment

  • Log in to the SP Dashboard at https://sp.surfconext.nl.
  • Click on Add new entity for production environment.

  • In the Create registration form window, choose:
    • the protocol
    • whether you want to start a blank form or a copy from an existing production or test instance.
  • Click on Create.


  • In the form, fill in all the information that is required.
  • Review the data. Check to see if the attributes as released are motivated, the technical and support contacts entered, etc. If you are done, proceed.

Check your data

At this stage, we will do some checks. To keep everything up to speed, check the following prior to publishing your service:

  • Think about the attributes your service actually needs. If we find not or poorly motivated use of attributes or in our opinion, to many attributes we can and will discuss this with you.
  • If in this stage our test on SSL Labs fails to meet our requirements, you will need to fine tune your service using our test environment. You will need an overall Rating B or higher. Check this link to get an A rating on SSL Labs.
  • We need to have some references at the institution(s) you will connect to. Have these contacts at hand, name and email, so we can use them to refer to when sending the connection request.
  • If all is OK and you get the confirmation, configure the SURFconext production metadata in your service: https://metadata.surfconext.nl/idp-metadata.xml
  • We will notify you when the service is set to the production environment.
  • Press Publish to promote your entity to production.

Now, we will review your production request first. We will either ask you for extra information, or notify you that we have published your entity to production.

Invite institutions to connect to your new entity

After clicking Publish, the Invite institutions window appears:

Screenshot 2023-03-01 at 14.17.03.png

More informatiion on this step

Edit production entity

Not happy with the current production entity? You can edit your production entity, even after clicking Publish in the previous steps.



Navigate