BBMRI to LS AAI service migration

Owned by Peter Bolha
Last updated: Dec 12, 2024
1 min read

Necessary steps

Based on the protocol your service is using, you should update the following values in your configuration:

OIDC

  • CURRENT: discovery_endpoint: https://login.bbmri-eric.eu/oidc/.well-known/openid-configuration

  • NEW: discovery_endpoint: https://login.aai.lifescience-ri.eu/oidc/.well-known/openid-configuration

SAML

  • CURRENT: metadata_uri: https://login.bbmri-eric.eu/proxy/saml2/idp/metadata.php

  • NEW: metadata_uri: https://login.aai.lifescience-ri.eu/proxy/saml2/idp/metadata.php

If you are using issuer information, for example, to identify where the user was authenticated, you may have to adjust your checks. With the discovery_endpoint/metadata_uri change, the received issuer information will change to:

OIDC

  • CURRENT: issuer: https://login.bbmri-eric.eu/oidc/

  • NEW: issuer: https://login.aai.lifescience-ri.eu/oidc/

SAML

  • CURRENT: <saml:Issuer>https://login.bbmri-eric.eu/idp/</saml:Issuer>

  • NEW: <saml:Issuer>https://login.aai.lifescienceri.eu/idp/</saml:Issuer>

If you are not using the issuer, you may ignore this change.

Recommended steps:

To ensure proper communication between your service administrators, support team, users, and Perun, please check you have the correct contact information filled out in the Service Registration application.

Screenshot 2024-12-11 at 16.04.45.png

The Administration contact should be an email of a person or a mailing list of people who personally receive information about events such as updates of service attributes or migrations. It should not point to an automated ticketing system.

The Support contact can be a personal email or an automated ticketing system that is designated to process regular user requests.

 

 

Support: perun@cesnet.cz