WACREN EduID is a Federation as a Service (FaaS) pilot of infrastructure for federated authentication and authorization among participating organisations to promote the use and adoption of Identity Federations and shared e-Research services. The main goals are to
- build on successes in ei4Africa and ongoing H2020 projects to bootstrap the uptake of federated identity and deployment of AAI infrastructure
- provide a registry and discovery service with easy to use tools and a comfortable entry point for the NRENs, enabling them to roll out Identity Federations in their countries in a scalable manner with policies based on current best practices.
- interfederate with eduGAIN - the GÉANT service that interconnects identity federations around the world, simplifying access to content, services and resources for the global research and education community
The WACREN EduID Identity Federation is jointly managed by WACREN and its NREN members and comprises members of the research and education community in the region. They belong to the two following categories:
- Identity Providers (IdP): the entities (e.g. academic and research institutions, enterprises, etc.) authenticating their users and certifying their identities.
- Service Providers (SP): the entities providing services to the federation. They may receive individual users' personal data, under consent, with the purpose of authentication and provision of personalized services.
The participation of an Identity Provider in EduID provides multiple benefits to its users:
- logging into a federated service is performed using the user's existing institutional account, without requiring separate authenticaiton - A user registers only once with his/her so-called home organization to which the user is affiliated. This home organization is responsible for maintaining the user related information and provides the user with the credentials. Home organizations can be institutions like universities, research institutes, colleges etc.
- Authentication is always carried out by the user's home organization and the user's identity, position and affiliation are only optionally transmitted to Service Providers with the user's consent, allowing fully anonymous and trusted access.
- An access control decision can made by the service based on the retrieved information about the user.
Accordingly, a Service Provider may benefit from joining WACREN EduID by being able to offer services to a large community through a central access mechanism without the need for "ad hoc" user authentication methods.
Interfederation extends these benefits to an international level and expands the range of services an organisation can extend to its users. More in this short video on "How to benefit from interfederating through eduGAIN"