Singapore Access Federation (SGAF)

A SAML 2.0 Federated Identity Management System for Singapore's R&E community

Local Entity Requirements to Join the SGAF

General Requirements

  • Member of SingAREN
  • Acceptance of the Singapore Access Federation Rules

Service Provider (SP) Requirements

  • SAML2.0 compatible Service Provider such as Shibboleth SP

Identity Provider (IdP) Requirements

  • SAML 2.0 compatible Identity Provider such as ADFS, Shibboleth IdP, etc or a directory service such as AD, LDAP, etc
  • Provide at minimum, the following core attributes
    • displayName (oid:2.16.840.1.113730.3.1.241)
    • email (oid:0.9.2342.19200300.100.1.3)
    • eduPersonPrincipalName (oid:
    • eduPersonPrimaryAffiliation (oid:
    • eduPersonAffiliation (oid:
    • eduPersonTargetedID (oid:
    • organizationName (oid:

Note: If your institution only has a directory service, a SAML2.0 IdP needs to be installed and connected to the directory service before connecting to the SGAF. Please follow the Shibboleth IdPv3 Installer by AAF Guide.

SGAF Metadata

The SGAF Metadata is an important part of the SAML Federation. In essence, it is a directory of registered, trusted and approved entities within the SGAF, allowing only Identity Providers (IdP) and Service Providers (SP) found within the metadata to communicate with each other.

The SGAF Metadata Registration Practice Statement (MRPS) describes the metadata management process conducted by the SGAF Federation Operator.

The SGAF SAML Web Single Sign-On Technology Profile defines a standard that enables Identity Providers and Relying Parties to create and use Web Single Sign-On services with SAML.

Metadata Repository

Metadata Documents

Connecting to the SGAF

Entity Installation

Identity Provder

Service Provider


Please contact if you are experiencing any technical issues related to the SGAF.