This may seem obvious, but you bring federated services to the members of your community by bringing your users to the federation. You do that by operating an Identity Provider (IdP) within the federation to provide identity information about the people in your community. These pages describe what you and, potentially, others at your institution must do to achieve that.
The primary responsibility of an organization operating an IdP is to ensure that that IdP provides trustworthy identity information when requested by a Service Provider (SP). Your organization has other responsibilities, as do organizations operating SPs and the Federation Operator, but we will focus on this primary responsibility here. For high-level information about those other responsibilities and the trust model in general, see Trusted Relationships for Access Management: The InCommon Model, For more detailed information, see the “Key policies and practices” section of Federation Practices and Documents.
As stated above, you provide identity information by operating an IdP to respond to requests from SPs. Trustworthiness, however, requires a combination of technological, operational, and organizational measures to ensure that:
- the IdP interoperates correctly within the federation
- the information used by the IdP is accurate and timely
- the IdP and other systems within your organization, as well as your operational personnel are prepared to handle incidents where things do not work correctly, particularly when those incidents involve other federation participants
Addressing these issues involves impacts for the technology you deploy, your Identity and Access Management business operation, and even your organization. Read on for more information about:
- IAM Technology
- The IAM System
- The IdP
- IAM Operation
Release of Information to Federation Partners
Lifecycle of Individuals’ Institutional Identities
Working with Other Federation Participants
- IAM Organization
Understand Others' Business Process Flows That Affect IAM Services
Executive Sponsorship
Governance
===> Do we want any of Bringing Federated Services to Your Users?