SSO Migration to New Entity IDs
We are making important changes to our Single Sign-On (SSO) configuration. This migration involves updating the entity IDs you currently use to access our platform. Please review the information below to ensure a smooth transition.
Why Are We Making This Change?
The migration to new SSO entity IDs is part of our ongoing efforts to improve the security and performance of our systems. The new Entity IDs are designed to offer better reliability and efficiency. Updating your configurations to use these new entity IDs will help ensure a safer and more robust authentication process.
Transition Period
The old SSO entity IDs will remain active until December 31, 2024. During this period, please update your configurations to use the new entity IDs to avoid any disruptions in service, and keep the old entity IDs listed as well.
What You Need to Do
Most likely you have one of our old Entity IDs (one ending in “/shibboleth”) listed in your IDP configuration. Keep that there for now (until December 31, 2024), but add in our new Entity ID also. The same attributes should be released to the new Entity ID that are being released to our old Entity ID.
You only need to list one new Entity ID – the one corresponding to your region – not all 4 new entity IDs. For example, if you have https://sso-usa.sona-systems.com/shibboleth
listed currently, then add in https://usa.sso.sona-systems.com
also.
Once you add in the new Entity ID, please let us know and we’ll adjust your Sona site to make use of the new entity ID
Current Entity IDs (Valid Until December 31, 2024)
Location | Old Entity ID |
---|---|
North America and South America | https://sso-usa.sona-systems.com/shibboleth |
Europe, Middle East, and Africa | https://sso-europe.sona-systems.com/shibboleth |
New Entity IDs
Location | New Entity ID |
---|---|
North America and South America | https://usa.sso.sona-systems.com |
Canada | https://canada.sso.sona-systems.com |
Europe, Middle East, and Africa | https://europe.sso.sona-systems.com |
Asia/Pacific | https://asia.sso.sona-systems.com |
Required Attributes
To ensure seamless integration, please configure your systems to provide the following attributes as part of the Research & Scholarship (REFEDS) bundle. Most likely, this is already configured for our old Entity ID, so you just need to ensure the same configuration for our new Entity ID.
- eduPersonPrincipalName (urn:mace:dir:attribute-def:eduPersonPrincipalName, urn:oid:1.3.6.1.4.1.5923.1.1.1.6 )
- mail (urn:mace:dir:attribute-def:mail, urn:oid:0.9.2342.19200300.100.1.3)
- givenName (urn:mace:dir:attribute-def:givenName, urn:oid:2.5.4.42)
- sn (urn:mace:dir:attribute-def:sn, urn:oid:2.5.4.4)
For more detailed information on SSO integration, please visit our SSO Integration page.