Services and Endpoints

SWAMID has the following recommendation regarding Discovery Services:

QA

There is also a QA discovery service which can be used for test and pre-production use.

Adding Discover service

Shibboleth

In /etc/shibboleth/shibboleth2.xml update with selected URL in 

...

$config = [
...
    'default-sp' => [
     ....
        'discoURL' => 'https://service.seamlessaccess.org/ds',
     ....
     ],
....
];

Filtering of Identity Providers in SeamlessAccess

Since 2025-03-12 service.seamlessaccess.org/ds/ have an option to filter which IdP:s that should be available. For more info see SeamlessAccess info-page.

To activate Identity Provider filtering you must add the filtering option to the Service Provider metadata and configure the same profile in your Service Prover configuration. SWAMID have made 2 profiles available in metadata.swamid.se.

Adding profile to Metadata of SP

1. Login to  Metadatametadata.swamid.se
2. Create a Draft from your SP
3. Click on the pen besides EntityAttributes
4. Below entity-selection-profile select one of the profiles
   • swamid - Registered in SWAMID
   • edugain - Registered in SWAMID or imported from eduGAIN
5. "Request publication"

...

Configure profile in Service Provider software

DiscoveryURL should be one of the following

• "https://service.seamlessaccess.org/ds/" - no filtering of Identity Providers.
• "https://service.seamlessaccess.org/ds/?trustProfile=edugainswamid" - if you only want eduGAIN or SWAMID IdP:s.
• "https://service.seamlessaccess.org/ds/?trustProfile=swamidedugain" - if you only want eduGAIN or SWAMID IdP:s s.

Example of using SWAMID only filtering in Shibboleth:

<SSO discoveryProtocol="SAMLDS" discoveryURL="https://service.seamlessaccess.org/ds/?trustProfile=swamid"> SAML2 </SSO>