If you're not already in contact with us, the best place to start is at https://openathens.org/publishers/federation. Our friendly team will talk you through the options, what to expect and all the other bits and pieces to get you signed up and ready to have your tech guys come here.
Once the business details are finished, you can register your application in the federation. What you ultimately do will depend on whether you are using our software or have an existing SAML SP such as Shibboleth, but there are some common areas:
You should familiarise yourself with the...
If you're using OpenAthens software such as Keystone, federation things will be sorted out as part of that set-up so the rest of this page will concentrate on the process for bringing an existing SAML SP such as Shibboleth (that might already be in other federations) to OpenAthens.
- Link to how to Integrate OpenAthens Keystone
Bringing your own SP to the OpenAthens federation
Any software that is configured to support the interoperable SAML 2.0 web browser SSO deployment profile should have no difficulty working within the OpenAthens federation. That means things like Shibboleth and SimpleSAML are fine.
Assuming you've checked the technical recommendations and best practices referenced above, the first step is to register your SP in the publisher dashboard:
- Make sure you have the credentials to access the publisher dashboard. These would have initially been provided to the business contact.
- You'll need the URL of your SP metadata or, if that's not public facing, a text file containing it
- Access the publisher dashboard at sp.openathens.net.
- Click the register new application button and choose existing application in the dialogue box
- Upload your application's metadata either by specifying the URL or uploading the file. Any type of text file is fine as long as it has valid XML inside it.
- You will be shown the details of the certificate presented by the metadata. Confirm that the metadata is trusted and should be imported, tick the box and then click the create button
The application record is now created.
The next technical step is to add the OpenAthens federation metadata to your SP. You may need to check your software's documentation on that, but we've written up how to do it in Shibboleth and Simple SAML: How to add the OpenAthens federation to common SP software
Once that is done you just need to cover off any marketing things to do with names, descriptions and logos and you're ready to submit it for publication. See: Getting production ready.
When you submit it for publication our service desk will run some checks to make sure it's all working and will be a good experience for our mutual customers. As this can lead to them getting back to you with requirements or recommendations it's best to plan in time and resource.