Shibboleth Identity Provider Deployment

IdP Components and Environment
The Shibboleth Identity Provider (IdP) is a Java application that runs on a Java web application server (i.e. Apache Tomcat, Jetty).
uApprove was an application to let the user approve attribute releases, developed by SWITCH for IdPv2.x. Since IdPv3, similar functionality is part of the distribution.

Deployment Guides

Certificate Roll-Over

Attributes about Users that need to be supported

Every SWITCHaai Home Organization has to be able to provide a certain set of user attributes to resources. See the AAI Attributes page for details.

Shibboleth IdP 4.x & 5.x

See the Shibboleth IdPv4 & IdPv5 page.

Shibboleth IdP 3.x

Installation and Configuration

Learn how you can configure what regarding user consent for Shibboleth IdPv3:

Migration and Upgrades

Interfederation Support

The following guide explains how an Identity Provider can be configured to allow its users to access AAI resources in other federations outside of Switzerland. For deployment instructions, have a look at the interfederation deployment guide.

Design Templates

Best Current Practices for SWITCHaai service operations

Best current practices for operating a SWITCHaai Identity Provider

Further Documentation