Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: attribute requirements


  • Name of your organisation as it should be presented to users
  • Domain name of your organisations
  • Public website URL
  • Logo to represent your organisation (provided as a file, with width  and height to render to).

  • Contact email addresses (ideally role-based): technical and security
  • Details on the information sent by the cloud-based IdMS in SAML messages:
    • metadata of the cloud-based upstream IdP (IdP side of the IdMS) - will be retrieved as part of the registration
    • NameIDFormat used by the IdP (will likely be urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress )
    • List of attributes sent by the IdP
      • Among the attributes should be a unique identifier for users.
      • It would help if the attribute can be confirmed as not being reassigned.  (I.e. a new user never gets the identifier of a previous different user).
      • In case your organisation also has students, an attribute that would allow to tell students apart from staff.

After testing (first deploying an instance in the Tuakiri-TEST environment), we should be in a position to turn your Production instance on.