LS RI Service Provider Registration: need for technical details

[jos4uke]

Hi

I recently installed an instance of FAIRDOM-SEEK for a private project. I didn't find much administration documentation to guide me through configuration of external authentication such as LS Login.

I looked for LS Login instructions for relying parties, and get to their registration form but I am struggling now how to fill in the technical information (https://webapp.aai.lifescience-ri.eu/sp_request?).

Could you provide some guidance on which protocol should be given to register my seek instance?

• SAML2 / SAML2 metadata link ? or
• OIDC / OIDC supported grants / redirect URLs ?

Thanks in adavance

Jos

SAML2 screenshot

OIDC screenshot

[fbacall]

Hi Jos. SEEK is using OIDC and the Authorization Code flow (I think that option is scrolled off your screen shot).

The redirect URL would be:

https://yourinstance.org/identities/auth/elixir_aai/callback

Noted that this needs to be described somewhere in the admin page/docs.

However, there are a few open issues relating to LS-Login support that you will likely be blocked by, the main one being #1030 :(

If you would like to try working around it (and it would really help us out if you figure it out), I left some details in a comment about where the configuration is currently stored, and where details on the LS-Login settings can be found: https://github.com/seek4science/seek/issues/1030#issuecomment-1498742629

[jos4uke]

Hi @fbacall

Thanks for the detailed information, it is very useful ^^

I will register my client and see how it goes. I will try to figure out what is blocking, and would be glad to help you debug this issue #1030. We keep in touch.

Best wishes