By Mikkel Hald, 03/11/20
As reported by the Danish Agency for Public Finance and Management (in Danish), institutions connected to WAYF now have the option to utilise their established WAYF integration as their integration to Statens SSO, an SSO proxy in front of a number of governmental administrative systems.
Consequently, any institution already a WAYF member can save the integration effort in connecting to Statens SSO, as well as the running maintenance of a dedicated connection to that service. Also, an institution will have no need to consider differences from Microsoft AD in case it uses a different identity management technology.
However, a small modification to an institution's WAYF setup is required in the general case: the user attribute entryUUID (the unique serial number of the user record) must be sent to WAYF unless the Agency explicitly agrees to the institution using principal name instead. Depending on how much of the functionality of Statens SSO the institution wants to be able to use, it must also set up sending the user's cell phone number, and a number of other attributes. But only the addition of the entryUUID to the institution's WAYF setup is critical.
The option to access Statens SSO through WAYF was established following a long and thorough pilot stage, and so now can be launched as extremely well-proven.
Institutions with an interest in this option are encouraged to contact the WAYF Secretariat for assistance.