Baseline Expectations V2 office hours

Tuesday, September 28, 2021


  • Several community members  

   CTAB and Internet2 staff:

  • David Bantz, U. Alaska
  • Brett Beiber, U. Nebraska
  • Jon Miner, U Wisconsin-Madison
  • Andy Morgan, Oregon State U
  • Johnny Lasker, Internet2  
  • Albert Wu, Internet2
  • Tom Barton, Internet2
  • Netta Caligari, Internet2


  • Several team members joined from one medical school organization 
  • This team just recently became aware of BEV2 when a previous InCommon Exec forwarded the email. 
  • They need to bring their InCommon Federation contact info up to date
    • Previous InCommon contacts at their institution have moved on
    • Albert provided info on how to define a new Exec Contact, and new  Site Admin, etc.
  • Running a Shib instance, migrating to Azure SSO.
  • Albert:
    • If migration from Shib to Azure is planned for about 6 months from now or more, it makes sense to update Shibboleth
    • If migration is imminent, note that there are issues with Azure meeting all the federation requirements, and there will be a need for a bridging product
  • Details about Azure not working out of the box
    • There are some requirements in the R&E community that are not commonly found in commercial products.
    • Example, NIH requirement for MFA
    • For Azure, there is a need to use a bridging product; it's possible to  use an in-house hosted solution, such as Shibboleth
    • More commonly: use a commercial product, such as CIRRUS Identity Bridge,  or Unicon,
    • refer to Catalyst page that lists solutions
    • RDCT may be of interest as a consulting resource, they do work with NIH 

  • Question: how to do an inventory of who is using their federated metadata? 
  • Albert: see inside your Shib transaction logs
  • Noted that   is a helpful site.

Concern about BEV2 emails  

  • Two community members said they have met Baseline Expectations but are still getting emails saying they have  not.
  • In both cases, the issue seemed to be failure to publish updated metadata with the SIRTFI box checked
  • It was noted that also sometimes updates to meet BEv2 are made after the cutoff for the report that triggers emails from InCommon

Feedback from a Service Provider 

  • The timeline on BEV2 provided enough time to make the necessary changes/updates  
  • The InCommon Federation User Interface works well


  • No labels