SAML Identity Provider Services

Home > Services > Identity & Access > SAML Identity Provider Services

*SAML (Security Assertion Markup Language) is an XML-based framework for authentication and authorisation between two entities: a Service Provider and an Identity Provider . SAML is a standard single sign-on (SSO) format.

Standby SAML Identity Provider

This service will process SAML authentication requests on HEAnet infrastructure when HEAnet detects that the primary SAML Identity Provider service is unavailable on campus.

The service includes Active Directory replication via VPN tunnel, the Identity Provider is based on Shibboleth or Microsoft Active Directory Federation Services.

Hosting SAML Identity Provider

With this service, HEAnet host a Shibboleth Identity Provider service on its infrastructure to authenticate users over a VPN tunnel to the campus Active Directory.

The service includes the institutional branding, directory schema mapping, monitoring, maintenance and allows for a hostname within the institutions DNS domain.

Managed SAML Identity Provider

HEAnet’s Managed SAML Identity Provider service provides remote monitoring and management of an institutions Shibboleth Identity Provider, this management extends to multiple instances whether on-campus or hosted by HEAnet.

The service is designed to allow an institution to rely on HEAnet’s expertise for troubleshooting Shibboleth Identity Provider issues or planning for campus directory changes or co-ordination with new SAML service providers who are not Edugate compliant.

For further details, please contact our services desk

Shibboleth Identity Provider Upgrade

Institutions who wish to upgrade their Identity Provider service between one major version and a subsequent version can follow guides provided by the Shibboleth consortium or avail of this HEAnet service.

HEAnet will upgrade existing deployments ensuring customisations such as login pages, attribute resolution scripts or attribute release customisations are ported to the latest Shibboleth version. Prices vary by the number of Shibboleth nodes deployed and the number of bilateral services configured (if any).

For further details, please contact our services desk

Bilateral SAML Configurations

HEAnet will engage with services providers to join Edugate and assist institutions availing of such member services at no charge to the institution.

Where service providers do not wish to join Edugate and support SAML, HEAnet can configure a bilateral trust between the institutions identity provider service and the service provider.

HEAnet has configured bilateral configurations for the services below, if a service is not listed, or for pricing information, please contact our service desk

Multifactor Authentication

HEAnet can integrate your existing MIRACL, DUO or Azure multifactor authentication services with all our SAML Identity Provider Service offerings.

For further details, please contact our services desk

More Information

Contact our Service Desk, Monday to Friday 09:00 – 17:30
Tel: +353 (0)1 6609040

SLA Managed IdP24/7 Support