OpenAthens Wayfinder for non-members
The hosted version of Wayfinder is free to use whether or not you are a member of the OpenAthens federation.
Wayfinder uses the SAML DS protocol, and as long as your SP software does too, it's just a case of configuring it to use Wayfinder as the discovery service and updating federation metadata. This will work for hosted Wayfinder whether or not you are a member of the OpenAthens federation, and you don't need to be using our Keystone software. You just need to add the relevant bits to your config and metadata, and inform the federations you're in so that they can update their metadata.
The hosted version is provided as is and we cannot extend support to non-members. You are encouraged to opt in to the mailing lists available at https://www.openathens.net/communications/ to keep up to date.
The following should get you going with a couple of the most popular SP SAML options:
Shibboleth
Add the discovery service to your shibboleth.xml configuration file in the SSO section in place of any singular IdP definition:
<SSO discoveryProtocol="SAMLDS" discoveryURL="https://wayfinder.openathens.net">
  SAML2 SAML1
</SSO>
SimpleSAML.php
Set the options in authentication.php and then restart the service:
'discoURL' => 'https://wayfinder.openathens.net',
'idp' => null,
Update the federation(s)
Your metadata should now have a relevant discovery response binding in the <Extensions> section, e.g.:
<Extensions>
...
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://shibsp.example.com/Shibboleth.sso/DS" index="1"/>
...
</Extensions>
Now you just need to ask the federations you have joined to update their metadata. How this is done can vary by federation, but you will usually have to tell them. If you appear in multiple federations via eduGAIN then updating just the federation you first registered with should usually be enough.
Troubleshooting
No entities appear in Wayfinder
You may not be live in any federations yet. To check, download that federation's metadata and confirm that your entity appears. If it's there, check that it includes the expected details in the <idpdisc:DiscoveryResponse> section. The REFEDS metadata explorer tool is also an option but may be a day or so behind (https://met.refeds.org/).
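The check described above can be scripted. The following Python is an added example, not OpenAthens code: it looks up an SP by entityID in a metadata aggregate and confirms that a DiscoveryResponse with the discovery-protocol binding and an https Location is present. The sample XML and entity IDs are constructed, and the script does not verify the aggregate's signature, which should be done separately before trusting downloaded metadata.

```python
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "idpdisc": "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol",
}
DS_BINDING = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"

# Constructed sample aggregate (not real federation metadata, signature omitted).
SAMPLE = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol">
  <md:EntityDescriptor entityID="https://shibsp.example.com/shibboleth">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:Extensions>
        <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
            Location="https://shibsp.example.com/Shibboleth.sso/DS" index="1"/>
      </md:Extensions>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://nods.example.org/sp">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def check_discovery_response(metadata_xml, entity_id):
    """Return (status, locations) for entity_id in a metadata aggregate."""
    root = ET.fromstring(metadata_xml)
    # iter() also matches the root, so a single-entity document works too.
    for entity in root.iter("{%s}EntityDescriptor" % NS["md"]):
        if entity.get("entityID") != entity_id:
            continue
        found = entity.findall("md:SPSSODescriptor/md:Extensions/idpdisc:DiscoveryResponse", NS)
        if not found:
            return "no-discovery-response", []
        good = [e.get("Location") for e in found
                if e.get("Binding") == DS_BINDING
                and (e.get("Location") or "").startswith("https://")]
        if len(good) != len(found):
            return "bad-binding-or-location", good
        return "ok", good
    return "entity-missing", []


if __name__ == "__main__":
    for eid in ("https://shibsp.example.com/shibboleth",
                "https://nods.example.org/sp",
                "https://absent.example.net/sp"):
        print(eid, check_discovery_response(SAMPLE, eid))
```

An "entity-missing" result means the SP is not yet published in that federation; "no-discovery-response" means it is published but without a discovery return point.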
Unexpected entities appear in Wayfinder
Wayfinder will surface all visible entities in each federation where your SP entity appears and has a compatible return point specified.
- Federations - because of eduGAIN you only need to join one academic federation to appear in many, but there can be a delay between a metadata update in the federation you registered with and the other federations that include it picking up the change. Time zones and weekends play a part in how long it could take.
- Debug mode - when enabled in your browser, this tells Wayfinder to include entities that have a hide from WAYF entity category on them.
I've checked the above and there's a specific federation whose IdPs don't appear
If this comes up, let us know about that federation via contact@openathens.net
I need to embed Wayfinder rather than send users to your website
Embedding Wayfinder into your own site is only possible if you are using our Keystone software:
- Marketing site: https://www.openathens.net/publishers/
- Documentation: OpenAthens Keystone