The Incommon Federation Discovery Service enables a user sign in using their preferred sign in credentials from any participating institutions in InCommon and global research and education (R&E) federations. It helps the user find and (optionally) remember their preferred institution during sign in.
Using the Discovery Service
As a user
When you attempt to access a service that has been configured to use the Discovery Service, on sign-in, the service (Service Provider, or SP) will redirect you to the InCommon Discovery Service.
If you have not previously visited the Discovery Service, or elected to not have the Discovery Service to remember your selection, the Discovery will prompt you to choose the institution you wish to sign in from.
Make your selection from the drop down, and optionally check the "Remember my selection" box, and you'll be taken to your institution's sign-in page to sign in.
If you have previously elected to remember your selection, you'll skip the Discovery prompt and be taken directly to your institution's sign-in page.
Curious about how Discovery Service works under the hood? SWITCH (InCommon's counterpart in Switzerland, who developed the software) has a nifty demo.
As an Identity Provider
Configuring your institution's Identity Provider (IDP) to be part of the InCommon Discovery Service is straight forward:
Make sure your IDP metadata contains the appropriate DisplayName, InformationURL, PrivacyStatement URL, and Logo information in the MDUI (metadata user interface) section. The Discovery Service will use those elements.
Make sure to uncheck the "hide from discovery" check box in Federation Manager. IDPs with that option checked is excluded from the Discovery Service drop down.
Publish your IDP metadata in InCommon using Federation Manager.