Joining SDSS as a Service Provider Site

Note that the SDSS Federation no longer accepts new applications to join. Applications should instead be made to join the UK Federation. The information on this page is of historical interest only.

To apply to join the SDSS federation as a Service Provider site, e-mail edina@ed.ac.uk (the EDINA helpdesk) and ask for your message to be forwarded to the SDSS team. In the e-mail, please include the following, which includes all the information we will need to fill in your <EntityDescriptor> entry in the federation metadata (see http://sdss.ac.uk/fed/sdss-metadata.xml for examples):

  • Provider type: State that you are applying to be a Service Provider.
  • Policy: A brief statement agreeing to operate in accordance with the SDSSFederationPolicy.
  • Alias: A short name (a few words at most) to identify your site.
  • Technical contact: A technical contact name and Email address. The technical contact serves as the primary point of contact for all technical issues for the organisation participating in the SDSS federation, and communicates with the SDSS Federation technical staff to ensure smooth operation of the federation's infrastructure.
  • Administrative contact: An optional administrative contact name and Email address (if different from the technical contact). The administrative contact serves as the primary registrar and administrator of the organisation's SDSS federation participation. The administrative contact is responsible for registering and maintaining technical aspects of the organisation's participation in SDSS, including Service Provider information, metadata, and technical contact information. If no administrative contact information is provided, the technical contact will be used instead.
  • Support contact: An optional support contact name and Email address. The support contact is the primary contact for error handling. It may be a helpdesk or a designated support person. If no support contact information is provided, the technical contact will be used instead.
  • Entity ID: This must be a URI identifying your service provider. If your service provider is already a member of any other federation then please give its existing entity ID, even if it appears to be federation-specific. If your service provider is not already a member of another federation, please consult EntityIDPolicy for details of the process of constructing a new entity ID.
  • Browser/POST Assertion Consumer Service Location: One or more assertion consumer service URLs for use with the Browser/POST profile, e.g., https://shibbox.uni.ac.uk/Shibboleth.sso/SAML/POST. Using default port numbers will sidestep firewall problems but is not mandatory.
  • Browser/Artifact Assertion Consumer Service Location: Optionally, one or more assertion consumer service URLs for use with the Browser/Artifact profile, e.g., https://shibbox.uni.ac.uk/Shibboleth.sso/SAML/Artifact. Using default port numbers will sidestep firewall problems but is not mandatory.
  • Attribute Requester Name: The full X.509 Distinguished Name from the attribute requester certificate, e.g., CN=shibbox.uni.ac.uk, OU=XYZ Project, O=JISC Core Middleware Programme, C=GB. Note: It helps us ensure that this information is correctly specified in your entity's metadata if you send us a copy of your certificate as an attachment to your email.
  • OrganizationURL: The URL of a web page providing a description of the organization applying to join the SDSS Federation.

We will let you know by e-mail once the Federation metadata has been updated to include the information you supplied. You will then need to download the new metadata and modify your Shibboleth configuration to match it, as described at SetupSP.