forum.sunet.se

Owned by rasmus.larsson
Last updated: Feb 10, 2023
2 min read

This instruction describes the details needed for you to use your Skolfederation IdP to connect to Nätverk e-ID i Skolan and other networks that are hosted on forum.sunet.se.

Technical prerequisites

To be able to logon to forum.sunet.se from your IdP, your IdP must be uploaded to Skolfederation. forum.sunet.se is a service that originates from the Swedish Academic Identity Federation (SWAMID), and is available in Skolfederation via the interfederation FIDUS. Due to this exchange of services and IdP’s beyond Skolfederation, it may take up to 1 hr 30 min from your upload of IdP metadata to Skolfederation until you will be able to login to the service. If you have IdP metadata already uploaded in Skolfederation, this should not be an issue.

Scope

Your IdP metadata will need to have the Scope attribute set, as eduPersonPrincipalName (ePPN) is required by the service. For more information about Scope, click here.

Technical details

You will also need to set up trust in your IdP with the technical details below, and deliver the required attributes in the SAML assertion.

Service Provider Information

 

 

 

Comment

 

 

Comment

entityID

https://humhub-idp-proxy.sunet.se/sp

Is found in Skolfederation metadata.

AssertionConsumerServiceURL

(ACS-URL)

https://humhub-idp-proxy.sunet.se/Saml2SP/acs/post

For use in IdP’s that do not support automatic SP configuration from metadata, i.e. G Suite IdP.

Start-URL

https://forum.sunet.se/

For use in portals, links and so on.

Start-URL (logon initiation)

https://forum.sunet.se/user/auth/external?authclient=saml

As above but a link that directly initiates the SAML login flow from the service.

Attribute requirements

The following attributes are required in the SAML Assertion for a successful login.

Attribute

OID

Required?

Attribute

OID

Required?

eduPersonPrincipalName

urn:oid:1.3.6.1.4.1.5923.1.1.1.6

Yes

displayName

urn:oid:2.16.840.1.113730.3.1.241

Yes

givenName

urn:oid:2.5.4.42

Yes

sn

urn:oid:2.5.4.4

Yes

mail

urn:oid:0.9.2342.19200300.100.1.3

Yes

For definitions of the attributes and their format, please find Skolfederations attribute profile here:

https://www.skolfederation.se/teknisk-information/attribut/

Help

If you’re having trouble configuring your IdP, talk to your IdP partner or consultant. They can help you in the best way configuring this service.

If you have other questions, please feel free to contact us at info@skolfederation.se.

Not a Skolfederation user organization (IdP)?

For access to the service if you are a service provider or another type of organization, you can use eduID. For more information, visit https://eduid.se/.