Skip to main content
Skip table of contents

Enabling access for our service desk

Before making your service live for our mutual customers and publishing it the federation, our service desk runs some checks and to do so our identifiers will need to get past your authorisation checks.

  • If your resource clearly shows whether or not a user is logged in - e.g. the login link disappears - then our service desk will only need sufficient access to get past the OpenAthens authentication rather than access any restricted content.
  • You should enable access for only the following scopes, which are associated with the entityID https://sd.openathens.net/entity:
    • sd.openathens.net
    • 69959091.sd.openathens.net
  • If your resource does not clearly show whether a user is logged in or not, then we will also need sufficient access to at least one restricted page so that we are able to tell the difference.

You can remove this authorisation once you are live.

External applications

For external applications such as Shibboleth we will need to make our accounts aware of your metadata before we can test. Our service desk will capture what they need from your application record.

If you have added the OpenAthens federation metadata, remove it. You can leave any other federation metadata in place, but during testing the only OpenAthens metadata to enable is our test IdP: https://login.openathens.net/saml/2/metadata-idp/sd.openathens.net

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close