The connections page is about how OpenAthens products like Keystone work in multiple federations. External applications such as Shibboleth don't have a separate connection here because their appearance in other federations isn't managed by us.
When you select a connection you can make the following adjustments:
The name of the application record(s) using this connection.
Allows you to toggle rulesets on an off. Changes take place immediately after saving.
This is the entityID of your application and defaults to
applicationURL/oa/entity. If you change this, make sure to save changes and confirm the page has updated. You almost certainly will not want to change this once you are live. Changing the entityID will not change the address of your metadata.
The menu icon () gives you access to view the entities metadata.
This is your metadata certificate. The same certificate is used for signing and encryption, and a federation might ask you to confirm its thumbprint when you register with them.
The menu icon () gives you access to view the certificate details.
This inserts your application into the metadata used only by your own OpenAthens domain. If you are a publisher, this will only be useful during testing.
If you are using Keystone for something like a VLE that only you will access, it is the only setting you need to turn on and the rest of the page can be ignored.
This will put your application in the OpenAthens federation and, once set as live on the application page, make it visible to all OpenAthens IdPs.
This section is about other federations you might be or become a member of. Enable them here and their metadata will be added to your configuration, however that is all. The switch does not register you in that federation and you will still need to take steps to appear there. See: How to join other federations
The additional identity providers section is for those SAML IdPs that you want to connect who are not in a common federation (it is up to you to determine the weight of numbers that will make it easier for you to join any given federation than configure IdPs separately). See: Entities that are not in a federation
This section allows you to indicate in your metadata which categories of entities you permit. Once saved you'll be able to see changes immediately in the metadata view under the menu by the entityID, but it will take up to 6 hours for them to appear in the published federation metadata.