OpenAthens
      Back to home
      1. Help and Support | Digital Theatre+
      2. Authentication
      3. OpenAthens

      Using OpenAthens for SAML Single Sign On

      This article includes information that may assist organisations who use OpenAthens for SAML Single Sign On (both via Federations and via bilateral trust)

      Please not that Digital Theatre+ is not federated within the OpenAthens Federation.

      Digital Theatre+ supports authentication using OpenAthens via Federations (such as UK Access Management Federation or InCommon) or bilateral (1:1) trust.

      Allocate the Digital Theatre+ application

      openathenscatalogue

      Required attributes

      Customers wishing to authenticate via SAML Single Sign On will need to release either:

      1. eduPersonPrincipalName (and the value matches an email syntax), or,
      2. eduPersonTargetedID and eduPersonScopedAffiliation (which OpenAthens releases by default)

      eppn

      Supporting information

      Information to provide Digital Theatre+

      For access via UK Federation

      Please provide the entity ID associated with your organisation, so that we may access your metadata via the Metadata Explorer Tool.  For example: https://shib.raven.cam.ac.uk/shibboleth

      For access via bilateral (1:1) custom SAML trust

      Please provide the URL to your Identity Provider's Metadata XML file.  For example: https://login.openathens.net/saml/2/metadata-idp/lindenwood.edu

      Supporting information

      Configuring OpenAthens for access via UK Federation or InCommon Federation

      Restrictive mode

      • You will need to allocate the Digital Theatre+ resource.  You can do this by searching for the resource in the catalogue using our Service Provider entity ID: https://auth.digitaltheatreplus.com

      restrictive

      Permissive mode

      • You do not need to allocate the resource.

      Configuring OpenAthens for access via bilateral (1:1) trust

      • You will need to upload the Service Provider Metadata XML file that will be provided by support@digitaltheatreplus.com in order to create a custom SAML resource in your catalogue.
      • Instructions for doing this are available in the OpenAthens Identity Documentation
      • If your OpenAthens instance is in restrictive mode, you will need to allocate it as described above