WAYF test service

Login
Protocol: SAML OIDC (id_token) WS-Fed Passive Login
Request flags: isPassive forceAuthn
NameIDPolicy: None Transient Persistent

"Scoping" - first select one or more IdP(s), then select method
DS IdP(s):
Method: None BIRK Scoping Param Vvpmss

RequestedAuthnContext
Comparison:

Level of Assurance / AuthContext check:

Hybrid environment - dynamic "features" - sets a cookie that modifies the hybrid hub's normal behavior. For testing new features and responses to e.g. error conditions:
trace SAML messages
Hub -> IdP:
Signature Algorithm: ed25519 rsa512 rsa384 rsa256 default
Flow: MD id_token code code+PKCE PKCE
wantRequesterID
Hub -> SP:
Signature Algorithm: ed25519 rsa512 rsa384 rsa256 default
encryptAssertion signingError scopingError timingError All Attributes

Choose backend - wayf-qa only works in a "fresh" browser
wayf-qa wayf-09 wayf-10