Service Provider Login Link Composer

This web page let's you compose login links for your AAI-protected resource that will redirect users directly to a specific Home Organization for authentication. This way users won't be redirected to the WAYF service at all and they also don't have to choose their Home Organization from a drop down list. Instead they just click on the login link you provide them.

Example link: Login via SWITCH (SWITCHaai)

Note:
Should the Identity Provider change its entityId, the link will have to reflect this change. Otherwise users will see an error at their Service Provider that the Identity Provider is unknown.

Recommendation:
In case your resource has users from more than 3 different organizations, it is recommended to use a Discovery Service/WAYF or the embedded WAYF.

Required information


Examples for valid Service Provider Session Initiator handler URLs are https://myhost.uni.ch/Shibboleth.sso/Login or https://otherhost.uni.ch/myapp/Shibboleth.sso/DS. Or just enter part of the entityID in order to make use of the auto-completion feature that uses data from the SWITCH Resource Registry.


Specify here the URL of the web page that the user shall be redirected after authentication. This usually is a Shibboleth protected page. If you don't have such a page yet, use https://your.host.ch/Shibboleth.sso/Session provided you are using a Service Provider 2.x. This page then will display all available attributes and other session information.


Enter the entityID of the Identity Provider that the user shall use for authentication. Examples for valid entityIDs are https://aai-login.myuniversity.ch/idp/shibboleth or https://aai.otheruniversity.ch/idp/shibboleth





Note: If you get a Shibboleth error saying "Shibboleth handler invoked at an unconfigured location", change the SessionInitiator URL from /Shibboleth.sso/Login to /Shibboleth.sso/DS. It may be that in your Shibboleth configuration file not all SessionInitiators are active.

After clicking on the above button and trying out the resulting link, just copy and paste the HTML snippet to any web page.