OpenAthens also provides a hosted identity provider used by all our Identity customers and if you are purely a service provider there are two touchpoints for you to know about:
You are almost certainly going to be adding your application to the OpenAthens federation at some point and you are going to want to test that it works with the system that our mutual customers are using.
Here are the basic steps to create two test accounts, one with a role and one without. There are complete instructions on all of the functions in the Identity documentation:
What we achieve with these three accounts are two that will provide you with a scoped attribute on access (but different roles), and one that will not provide a role (and consequently, no scope for you to authorise on).
These give you many test options and should cover all the ways your resource might work. There are additional test accounts with a different scope our service desk can give you access to when you're ready.
If you only have one application and you managed it in-house then using one set of credentials is probably ok and the default settings will support this.
If you have different people or groups working on different applications though, you may want to limit access to the application configuration and to do this you first need to create some organisation accounts in MD and then assign one or more of them to each application.
The accounts section of the publisher dashboard is usually sufficient to add or remove such accounts, but if you need to perform any detailed operations you will need to find these accounts in the Identity interface as follows: