There are several tools available for discovering, monitoring and testing identity federations, federation entities and the software used by federation members. This page lists all of the tools we know about and their main purpose.
Tool | Responsible | Purpose |
---|---|---|
MET | REFEDS | High level reporting on the number of federations and entities that appear in each federation with some simply graph tools. |
eduGAIN IsFederated Check | GN4 Enabling Users | This tool searches all known academic identity federations for matching organisations and then displays the results. There are a few limitations you should know about but if you find it useful, you might also consider querying it via a REST/JSON API. |
eduGAIN Access Check | GN4 Enabling Users | A special eduGAIN Identity Provider to test (as a Service Provider administrator) access to your own eduGAIN Service Provider with short-lived eduGAIN identities that have different profiles (student, staff, researcher, with non-ascii characters, missing attributes, etc.). |
eduGAIN Connectivity Check | GN4 Enabling Users | Checks to see if eduGAIN entities are properly configured. |
eduGAIN Entities | GN4 eduGAIN OT | Queries the eduGAIN database against a variety of parameters such as the presence of entity categories. |
eduGAIN Attribute Release Check | GN4 Enabling Users | In development |
eduGAIN Metadata Validator | GN4 eduGAIN OT | Checks for basic compliance with eduGAIN profile requirements. |
SMEV | Aconet | SAML Metadata Viewer. Displays many aspects of SAML metadata, from many known federations (incl. the eduGAIN aggregate), in a sortable HTML table. Easily discover entities that are missing metadata elements, e.g. MDUI or Requested Attributes. Allows dynamic filtering based on all data parsed from the SAML, e.g. requested attributes, entity categories, etc. |
Pyff Monitor | SUNET | To get from Leif. |
CoCo Monitor | GN4 Harmonisation? | Checks technical compliance with the GEANT Data protection Code of Conduct. |
TestShib | Shibboleth Consortium | Testing tool for shibboleth implementations. |
Federation Lab | GN4 JRA3 / SA5 / REFEDS | A number of test tools which could be used to test identity federation protocols, OAuth, OpenID Connect and SAML. |
webisoget | Jim Fox | Command line client to retrieve SAML etc. protected web resources, see https://wiki.edugain.org/Webisoget for an example. |
ECP clients | Various | These SAML ECP clients contributed to the Shibboleth wiki can be used in monitoring SAML-protected resources (thereby testing the SP and the IDP), using the SAML ECP Profile which has specifically been written for automated/programmatic retrieval of SAML protected resources (without resorting to the non-interoperable trickery required to make e.g. webisoget work with a specific SAML IDP). |
https://mec.wayf.dk/ | WAYF.dk | WAYF's metadata explorer tool. |
Sherlock | HEAnet | Self service webui that allows a federation member/IdP administrator to add login checks to federated services. Includes checks for common SP's (e.g. EBSCO, Filesender). Uses CasperJS headless browser |