SURFconext has a test and a production environment. You can use the test environment to verify whether your application's SAML or OIDC integration works correctly. You can be sure that if it works on test, it works on production as well: the test environment is standardised and in close alignment with the production environment. This page outlines the characteristics of these environments, and the rules for using them. 



SURFconext Test



SURFconext Production
  • For testing purposes only
  • Test with the SURFconext test-IdP (which contains realistic identities) or institutions' test ldPs
  • Do not use (privacy) sensitive information
  • No contract necessary
  • New applications can be configured via Selfservice SP Dashboard
  • Uses specific ldP metadata (see below)
  • No SLA
  • Contract needs to be in place
  • Holds privacy sensitive information from institutional users
  • Production IdPs available only
  • Uses specific IdP metadata (see below)
  • Meet the SSL/TLS Requirements as stated on this page for both SP's and IdP's. You will need an SSL Labs Rating B or Higher.

SAML IdP metadata

https://metadata.test.surfconext.nl/idp-metadata.xml

 SAML IdP metadata

https://metadata.surfconext.nl/idp-metadata.xml

OpenID Connect IdP metadata

https://connect.test.surfconext.nl/.well-known/openid-configuration

OpenID Connect IdP metadata

https://connect.surfconext.nl/.well-known/openid-configuration

Please note that SURFconext acts as an identity provider to services and is the only IdP a service connects to. That is why you use the IdP metadata links as stated in the table above.


For institutions: testing an application with real test accounts

As an institution, you might want to test an application before it is published to production, with test identities of your own institution. In that case, configure a test IdP and request the SURFconext team to connect that test IdP to the SURFconext test environment.

Back to start

Continue to connect your service with our step by step guide.


Navigate