Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

When you change things you will need to kill your OpenAthens session. You can sign out at Our QA team say that keeping the sign-out page open in a tab is the most convenient method: https://login.openathens.net/signout 

...

This should only need to come up if you are expecting to work from SAML attributes that are not normally sent by default. E.g if your app would ask a new user for their name and email, you could make use of those values if they are present to save the user entering them (as said before elsewhere in these docs though, you should not insist on them being sent or rely on them being present).  

...

  1. Go to Preferences > Attribute release, move your mouse over the global policy and click on Edit
  2. Click attributes to toggle them between released or not
  3. Click done and then save to make the changes live

You need to use the global policy as, like with the entitlement attribute above, your resource won't appear yet. Once live your customers would add a specific policy for you. 

Creating additional attributes

...

Different parts of the same customer entity can have different scopes. In OpenAthens this will be usually resemble sub-domains, but in other federations some cases you might find totally different internet domains used by the same entity.

...

You will want to be able to test what happens when expected federation attributes are not sent. It is not possible to turn off the targetedID attribute with OpenAthens, but you can turn of off the scopedAffiliation one by setting the role on a permission set as blank and making sure that set is the only one used by a test account.

...