Who should read: This section is for those who wish to register an online resource that will rely on an InCommon-registered identity provider to authenticate a user and to provide any necessary user information. 

What is a Service Provider?

A Service Provider (abbreviated SP) is a network-accessible service that relies on an Identity Provider to perform user authentication and provide user information in order to make access decisions and/or personalizing the user’s experience.

In the InCommon Federation (InCommon), a service provider specifically refers to a SAML service provider registered by a Participant where its SAML metadata is published in the InCommon metadata registry. 

Heads up: In casual conversation, an InCommon Participant who primarily participates as a service provider operator is frequently referred to as a service provider. 

Understanding your Responsibility as a SP Operator

The  InCommon Baseline Expectations for Trust in Federation (Baseline Expectations) is the foundational policy holding each InCommon Participant accountable when interoperating with each other. As a SP operator, you are agreeing to the following:

• you have controls in place to reasonably secure information and maintain user privacy;
• you will maintain accurate, complete, and published SP metadata via the InCommon Metadata Service to ensure timely and secured exchange of service connection and contact information; 
• you agree to follow common security incident response protocols to ensure speedy federation-related incident response coordination.

Further, your SP should support InCommon technical and interoperability standards when connecting to an InCommon-registered IdP. InCommon’s primary federated access protocol is the Security Assertion Markup Language (SAML). Additional deployment profiles and data exchange standards clarify interoperability gaps missing from SAML:

• Working with user data
• Communicating identity assurance:  REFEDS Assurance Framework
• Communicating authentication assurance: REFEDS Assurance Profile
• Scaling responsible data release: REFEDS Entity Categories
• SAML V2.0 Deployment Profile for Federation Interoperability

Registering a Service Provider 

The Onboarding Services in the InCommon Federation guide is your starting point to learn how to design your platform and service to work well with InCommon. In particular, we recommend these 2 articles as your first readings:

• Determine How Your Offering Contributes to Providing a Service
• Step-by-step guide to offering services in the InCommon community

Engage in Community Conversations

See Engage - get the most out of InCommon for information about how to keep current with new developments, augment your ability to interoperate within the federation, and become more involved in InCommon's vibrant community.