Context Handler Test IDP - kmd-identity/documentation GitHub Wiki

KMD Identity supports acting as a OIOSAML3-based Identity Provider for Context Handler 2's exttest environment by using our Test IdP. It is not necessary to use KMD Identity to use the Test IdP.

If you want to test how your application works using this new version of Context Handler this can be done by:

1. In your application navigate to the ContextHandler identity provider dropdown page.
2. Select "KMD Identity Test IDP - PROD".

This will forward you to our Test IdP with a ContextHandler 2 specific set of default claims already filled out.

The default claims have a privilege intermediate claim with a job role and a claim specific to our idp and test app. To allow for job roles and getting the user roles your system needs:

1. Base64 decode the privilege intermediate and adapt that to the jobrole and scope you wish the test idp to send.
2. Then encode it again and copy it into the value field below the privileges intermediate in the testidp.

If a constraint is needed that should be sent as a separate claim, see the Kmd.dk/dev_kmd_test_applications_customerNumber/1/parametric claim for an example of this. This can be replaced with the needed constraint. If none is needed it can be deleted. Context Handler 2 will then map this according to the user system roles set up in your system. More information about Context Handler and roles can be found here.

If you just wish to see how the login/logout flow works in our test application you can:

1. Navigate to: test.identity.kmd.dk and select a test app.
2. Select "Context Handler 2 - TEST - KMD Identity" on our Identity Provider selection page.
3. On Context Handler select "KMD Identity Test IDP - PROD".
4. Scroll to the bottom of the Test IdP page and select Submit. This will log you into our test applications with a test privilige intermediate claim. Afterwards you can select logout to see that flow.