diff --git a/LocalSettings.php b/LocalSettings.php
index 1786c13..241683b 100644
--- a/LocalSettings.php
+++ b/LocalSettings.php
@@ -643,9 +643,8 @@ function loadenv($envName, $default = "") {
             # UBCAuth required attributes:
             # eduPersonAffiliation, an array of (staff, student, faculty, etc)
             'eduPersonAffiliationAttribute' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1',
-            # non-standard attributes, uncertain OIDs
-            # ubc's puid
-            'puidAttribute' => 'ubcEduCwlPuid',
+            # ubc's puid, non-standard attribute/OID
+            'puidAttribute' => 'urn:mace:dir:attribute-def:ubcEduCwlPuid',
         ]
     ];
 
diff --git a/docker-compose.yml b/docker-compose.yml
index f869b4d..960d0de 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -159,6 +159,9 @@ services:
 #      - MEDIAWIKI_API_URL=http://web/w/api.php
 #      - PARSOID_DOMAIN=localhost
 #      - PARSOID_URL=http://parsoid:8000
+# parsoid is now integrated into mediawiki since 1.35
+# restbase is being deprecated
+# TODO: we might not need nodeservices anymore in the next lts
   nodeservices:
     image: ubcctlt/mediawiki-node-services
     ports:
diff --git a/docker/simplesamlphp/idp/config/authsources.php b/docker/simplesamlphp/idp/config/authsources.php
index 3d31e21..48c21d3 100644
--- a/docker/simplesamlphp/idp/config/authsources.php
+++ b/docker/simplesamlphp/idp/config/authsources.php
@@ -100,30 +100,30 @@
             'student01:student01' => [
                 'uid' => ['student01'],
                 'displayName' => 'Student 01',
-                'ubcEduCwlPuid' => 'PUIDST01',
-                'eduPersonAffiliation' => ['member', 'student'],
+                'urn:mace:dir:attribute-def:ubcEduCwlPuid' => 'PUIDST01',
+                'eduPersonAffiliation' => ['student'],
                 'mail' => 'student01@example.edu'
             ],
             'instructor01:instructor01' => [
                 'uid' => ['instructor01'],
                 'displayName' => 'Instructor 01',
-                'ubcEduCwlPuid' => 'PUIDIN01',
+                'urn:mace:dir:attribute-def:ubcEduCwlPuid' => 'PUIDIN01',
                 'alt' => '51092d7f-2f38-4a91-bfb0-13a021c02df3',
-                'eduPersonAffiliation' => ['member', 'student'],
+                'eduPersonAffiliation' => ['faculty', 'student'],
                 'mail' => 'instructor01@example.edu'
             ],
             'employee:employeepass' => [
                 'uid' => ['employee'],
                 'displayName' => 'Employee 00',
-                'ubcEduCwlPuid' => 'PUIDEM00',
-                'eduPersonAffiliation' => ['member', 'employee'],
+                'urn:mace:dir:attribute-def:ubcEduCwlPuid' => 'PUIDEM00',
+                'eduPersonAffiliation' => ['staff', 'alumni'],
                 'mail' => 'employee@example.edu'
             ],
             # intended to simulate a basic CWL account
             'blockme01:blockme01' => [
                 'uid' => ['blockme01'],
                 'displayName' => 'Block Me01',
-                'ubcEduCwlPuid' => 'PUIDBM01',
+                'urn:mace:dir:attribute-def:ubcEduCwlPuid' => 'PUIDBM01',
                 'eduPersonAffiliation' => [],
                 'mail' => 'blockme01@example.edu'
             ],
diff --git a/docker/simplesamlphp/idp/metadata/saml20-sp-remote.php b/docker/simplesamlphp/idp/metadata/saml20-sp-remote.php
new file mode 100644
index 0000000..0106a05
--- /dev/null
+++ b/docker/simplesamlphp/idp/metadata/saml20-sp-remote.php
@@ -0,0 +1,30 @@
+<?php
+
+$metadata['http://wiki.docker:8080/_saml2'] = [
+    'SingleLogoutService' => [
+        [
+            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
+            'Location' => 'http://wiki.docker:8080/_saml2/module.php/saml/sp/saml2-logout.php/wiki-sp',
+        ],
+    ],
+    'AssertionConsumerService' => [
+        [
+            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
+            'Location' => 'http://wiki.docker:8080/_saml2/module.php/saml/sp/saml2-acs.php/wiki-sp',
+            'index' => 0,
+        ],
+        [
+            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
+            'Location' => 'http://wiki.docker:8080/_saml2/module.php/saml/sp/saml2-acs.php/wiki-sp',
+            'index' => 1,
+        ],
+    ],
+    'contacts' => [
+        [
+            'emailAddress' => 'lt.hub@ubc.ca',
+            'givenName' => 'UBC LT Hub',
+            'contactType' => 'technical',
+        ],
+    ],
+    'certData' => 'MIIEcTCCAtmgAwIBAgIUWmBx+tf9d7hKrFe9sjuhClKXFZ8wDQYJKoZIhvcNAQELBQAwSDELMAkGA1UEBhMCQ0ExEjAQBgNVBAcMCVZhbmNvdXZlcjEMMAoGA1UECgwDVUJDMRcwFQYDVQQDDA5zcC53aWtpLmRvY2tlcjAeFw0yNDA3MDQwOTA4MzZaFw0zNDA3MDQwOTA4MzZaMEgxCzAJBgNVBAYTAkNBMRIwEAYDVQQHDAlWYW5jb3V2ZXIxDDAKBgNVBAoMA1VCQzEXMBUGA1UEAwwOc3Aud2lraS5kb2NrZXIwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDCEa0f5ZJhpSU+Xc0WNohbxTzpmDkqgI0rtWCmL5vqJakPCHnWnq0icCX2/zwh6//WP+9UPgO1ifHUhNC/NEJhBKGJjtNNKaV+AwUzj43IiLMqgkhMEvkqNePuKNBh/lvzjLl3KYMrLAEZKx+AluMaS7us5CmR9lyhY9nHZS0P1FRjwJ6SJ1o0HEuXHkH5eRotaRtrd8L+L93R9SaIBpgAy0XMkgFDqGmX7NbVAMT6cPNEVmj63J5veMtpCN5mQRXpZFPCSbmXOGlyy7S3cilpSk8QA8QOkt4EB+I6G5W/aaG8hNs4QHKkKMReJ/oHQbQXIJ2d4oMsQaEXk3FtTIbl4l7fKS+LvhCHvB9z8q/ueh3bAIcpSxGzg3oTScZM5ZZAqzjYxCMYdI+3h44FPUtDsZdwezFN/B+JsITQouaYzuRxjUV6uNGhZXSRb+st3VYIBg0+mIvowDyBHgQvOaAZ8/UuSqcfrMH/AwTVY2Ej2YzerKDCwchHmpv5sXRY+o8CAwEAAaNTMFEwHQYDVR0OBBYEFIUt4n/0ouPzNfRNonY/EtJhHXPfMB8GA1UdIwQYMBaAFIUt4n/0ouPzNfRNonY/EtJhHXPfMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggGBAAK5QNOmFjLmQZdfWURK+hyCN08RIB6qOgKxuMG6j6u4brKOhktRAx+8hwrgVH96+fW3DkELsNGTTjUzxJvXM01cDDn2lUNMhLA2InHTsFe2zbmKG5sSl0wOFhi0kBnkGL8di3FgnqJJs8sTcQWajoFiEPa0yW3Gad/S6JSPgrHMlPkMPgZ8Vw8aYVprronbj9eiGWzRO5vFrE6YMn2l9es/pVJKzsb362EPhFekJA6f+6Ek2rfPRd0KiF5+Pln8KSooRmXpOZkM2CUfgOmb3lT9mwel2wemnXjUj0sjN5luotbK6YVhnwuq9d1O1a8Lhx8HLLasV7bR1hg9rjz+K2nv1XqWYsiFJelkgD4DOcFP68I/eiUiAf6jqh5+YJuqFXkXS9P6ohOXn5sbiV69+VV64JXG31emPgX/mm/41Bq2j5ESYak1I4RCPdLPpsjPWUMUKAXrRjbj8UZBf5w3Uv7tc4SY+Sc8mcBw0/14Ossz5h2ZLBW0j1QKqDWwSyWn5A==',
+];