Are you a Research Community looking to enable Federated Identity Management? Not sure where to start with your Authentication and Authorisation Infrastructure (AAI)? Here are some pointers to resources that members of FIM4R have found useful.
Understanding AAI
So, your Research Community wants to make a set of online Service Providers available to the Research and Education Community? There are many aspects to creating your Authentication and Authorisation Infrastructure (AAI), plenty of useful guidelines on the technical and policy aspects can be found on the AARC Website.
Using a hosted AAI
Several providers offer a hosted solution for Research Communities looking for an Authentication and Authorisation Infrastructure. Several solutions (in no particular order!) used by the community are:
- CiLogon from NCSA
- eduTEAMS from GÉANT
- EGI Check-in from EGI
Running your own AAI
Your Research Community may prefer to run and maintain their own infrastructure. The following are some suggestions of software stacks used by members of FIM4R:
- eduTEAMS from GÉANT
- EGI Check-in from EGI
- INDIGO IAM from INFN
- The IdPy software stack, including
- COmanage for Collaborative Organisation Management
Testing
Testing your AAI before going live can be difficult with Federated Identity Management. Several Authentication Providers are available to help:
- SAML Identity Provider: https://samltest.id
- OIDC Provider: https://openidconnect.net
- OIDC Provider Comparison: https://orpheus.data.kit.edu/
Communities to join
The Identity Federation space is constantly evolving, being active in the community can make you life much easier and ensure that your use cases are being heard.
- Join the REFEDS Community via their mailing list and slack channel – the SPOG (Service Provider Operators Group) Working Group has been created for people just like us!
- Make sure to also join the FIM4R Mailing list.