Discovery Service Integration

Discovery Service Integration

By far the easiest integration is to use Seamless Access service as a standard SAML identity provider discovery service (DS). The DS URL is https://service.seamlessaccess.org/ds - you will use this URL in your SPs configuration where appropriate. Here is how to do this for two common SP software stacks:

Shibboleth

In the file /etc/shibboleth/shibboleth.xml modify the SSO element to read:

1 2 3 <SSO discoveryProtocol="SAMLDS" discoveryURL="https://service.seamlessaccess.org/ds/"> SAML2 </SSO>

For a complete set of options related to discovery see the shibboleth documentation.

SimpleSAMLphp

In authsources.php (relative to the SSP config directory) find your SAML authentication source (often named ‘default-sp’) and set the discoURL parameter to https://service.seamlessaccess.org/ds/:

1 2 3 4 5 6 'default-sp' => array( 'saml:SP', 'entityID' => NULL, 'discoURL' => 'https://service.seamlessaccess.org/ds/', .... ),

For more details visit the SSP documentation.