Tip | ||
---|---|---|
| ||
https://proxy.ocre.aai.geant.org/.well-known/openid-configuration |
Tip | ||
---|---|---|
| ||
https://proxy.aai.geant.org/metadata/frontend.xml (production) |
The OCRE GEANT SP Proxy is using the eduTEAMS behind the scenes, which GEANT's implementation of the AARC Blueprint Architecture. The OCRE GEANT SP Proxy is comprised of the following eduTEAMS components:
eduTEAMS Proxy & Identity Hub
The Proxy is an SP-IdP Proxy with first-class support for the OIDC and SAML protocols. It can connect SAML Identity Providers, OIDC Providers, SAML Service Providers, OIDC Resource Providers enabling teams to use their preferred identity sources and services regardless of the authentication protocol used. The eduTEAMS Proxy is responsible for aggregating the user attributes from various identity sources, enforce community and platform wide policies and provide one persistent user identifier and a harmonised set of attributes to the connected services.
eduTEAMS Discovery Service (DS)
The eduTEAMS Discovery service provides a web interface for users to search and select their preferred identity provider. It is an essential component of the platform, directly connected with the eduTEAMS Proxy.
eduTEAMS Metadata Service (MDS)
The eduTEAMS Metadata Service aggregates the metadata of all the SAML Identity and Service providers that are connected on the platform. It does so by aggregating the metadata feed of eduGAIN, while allowing the platform administrators to configure also other local or remote metadata sources. The eduTEAMS MDS is an essential component of the platform directly connected to the eduTEAMS Proxy.