Publish Service Catalog

Categories

Open all | Close all

Publish Service Catalog

May 2, 2024

Introduction

The Identify’s Service Catalog is an implementation of eHerkenning’s Service Catalog requirement and is published at https://[tenant]/runtime/saml2public/servicecatalog. Only SAML2.0 protocol connections whose profiles are eHerkenning appear in the Service Catalog.

The Identify service catalog has the following format:

  • IssueInstant: this is the created time at which the service catalog was created (UTC datetime)
  • Version: this setting is the version of the service catalog in the format urn:etoegang: <scheme version >:<sequence number>, e.g urn:etoegang:4.3.0.2699:1
  • Signature: the service catalog is signed by the Identify signing certificate.
  • Per service provider:
    • IsPublic: indicates whether the service provider is in public.
    • ServiceProviderID: this is the OIN number. You can configure this value in the System Setup page

OIN number

  • OrganizationDisplayName: Organization name. You can configure this value in the System Setup page.

OrganizationDisplayName

  • Per service:
    • IsPublic: indicates whether the protocol connection is enabled or not.
    • ServiceID (an identifier of a service that is unique in the context of the service provider), ServiceUUID (a universally unique identifier that is used for registering entitlements, SSOSupport (a boolean that indicates if the service supports SingleSignOn) are the settings of the SAML 2.0 protocol connection:

Per service

    • ServiceName: Identify uses the SAML 2.0 protocol connection name for this attribute.
    • ServiceDescription: Identify uses the SAML 2.0 protocol connection description for this attribute.
    • ServiceDescriptionURL:  Identify uses the SAML 2.0 protocol connection entityID and extra EntityID for this attribute.

EntityID

    • AuthnContextClassRef: Identify uses the SAML 2.0 protocol connection authentication context class for this attribute.

AuthnContextClassRef

    • HerkenningsmakelaarId: it’s the OIN of the Herkenningsmakelaar (HM) that provides the service catalog entry for this service. You can cofigure it in the System Setup page

OIN number

    • EntityConcernedTypesAllowed: Identify uses the list of the Artifact resolution services’ locations for this attribute. In fact, these endpoints are imported from the metadata of a service.

EntityConcernedTypesAllowed

    • RequestedAttribute: Identify uses the multi-valued entries of the Attribute consuming services for this attribute.

RequestedAttribute

attribute consuming servicé

    • ServiceCertificate: Only the valid encryption certificates are included in the Service Catalog.

ServiceCertificate

    • Finally, the service catalog is sorted by HerkenningsmakelaarId and then by the ServiceID.
Was this helpful ?Good Somewhat Bad

Related posts:

  1. Web service
  2. Password Self Service Pages
  3. LDAP web service settings
  4. Saml 2.0: SAML 2.0 connection settings now support more standard elements found in metadata