Skip to content
Switch branches/tags
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Step-up Gateway

Build Status Scrutinizer Code Quality SensioLabsInsight

This component is part of "Step-up Authentication as-a Service". See Stepup-Deploy for an overview and installation instructions for a complete Stepup system, including this component. The requirements and installation instructions below cover this component only.


  • PHP 7.2
  • Composer
  • A web server (Apache, Nginx)
  • MariaDB 5.5+ (MySQL should work as well)
  • syslog (or change the logging configuration in /app/config/logging.yml)


Clone the repository or download the archive to a directory. Install the dependencies by running composer install && yarn install and fill out the database credentials et cetera.

Make sure to run database migrations for u2f using bin/console u2f:migrations:migrate.

The Gateway is configured to only accept connections over SSL. Disable this under nelmio_security in config.yml or run the web server using a (self-signed) certificate.

Developer options

Mock Yubikey service

If you are not in possession of an actual Yubikey device, using the Mock Yubikey service might prove useful. This mock service was created for end to end test purposes, but could be utilized in this situation. To use the mock service:

  1. Update your src/Surfnet/StepupGateway/ApiBundle/Resources/config/services.yml
  2. Find the surfnet_gateway_api.service.yubikey service
  3. Update the service definition to point to this class: class: Surfnet\StepupGateway\ApiBundle\Tests\TestDouble\Service\YubikeyService
  4. Do not commit/push this change!

Release strategy

Please read: fro more information on the release strategy used in Stepup projects.


Documentation specific to this component is located in the docs directory in this repository:

Documentation for the Stepup system can be found in the