Versions Compared

Old Version 32

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version Current

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Frequently Asked Questions about the R&S Category

Table of Contents
minLevel3

...

General FAQs

Which services are eligible for the Research & Scholarship category?

Candidates for the R&S category include InCommon service providers that support research and scholarship as an essential component. For example, a service providing tools for both multi-institutional research collaboration and instruction is eligible as a candidate for the R&S category. (A service intended to support instruction alone is not eligible, however.)

InCommon reviews all applications from potential R&S service providers. The InCommon Technical Advisory Committee and the InCommon Steering Committee review and approve the requests. Visit the Federation Info pages for a complete list of all R&S service providers.

What is the R&S attribute bundle?

The R&S category defines a bundle of attributes that SPs choose from. InCommon identity providers that support R&S release a minimal subset of this attribute bundle to R&S SPs. Detailed For details, see the deployment considerations for IdP site administrators are provided elsewhere in this wiki.

...

IdPs wiki page.

Where can I find complete information on the Research & Scholarship Category?

The Research and Scholarship Category home page has detailed information and additional links.

FAQs for SPs

What if my R&S SP doesn't require all the attributes in the R&S bundle?

InCommon highly recommends that SPs take a minimalist approach to attributes. In metadata, list only requesting those requested attributes that they you absolutely need. IdPs are encouraged to implement a default policy that releases the R&S attributes to SPs in the R&S category. This requires a one-time change to the IdP's deployment configuration. More detailed deployment guidance will be found elsewhere in this wiki. As a side note, a number of IdPs intend to release these attributes to all SPs by default.Some IdPs will actually use the list of requested attributes in metadata to limit the attributes released to you just-in-time.

What if a user wants to access my service but that user's IdP does not release the attributes my service needs?

To have an IdP added to the list of IdPs that support R&S, contact us at admin@incommon.org. We will reach out to the site admins for that IdP on your behalf.

FAQs for IdPs

Do I need to configure my IdP to release attributes to each and every R&S SP?

No. A one-time configuration is all that's needed. Let me try to explain.

Today most IdPs configure their attribute release policies around the SP's entity ID (i.e., on an SP-by-SP basis). Every time you type an entity ID into your IdP software configuration, you paint yourself into an ever-smaller corner. To better scale the Federation, we recommend that IdPs configure their attribute release policies using entity attributes instead of entity IDs. This leads to a more robust deployment that is much easier to maintain.

What is an entity attribute?

Once an SP becomes an R&S SP, it receives the R&S entity attribute in metadata. You can support a single R&S SP by configuring its entity ID into your IdP software configuration, or you can support all R&S SPs by configuring the corresponding entity attribute. The latter scales better since it is a one-time configuration change.

What are the deployment options at the IdP?

An IdP has at least three deployment options (in increasing order of deployment difficulty):

...

See the R&S

...

wiki page for IdPs.

How do I configure my IdP to release the absolute minimum attributes required?

If your software supports it, you can release a dynamic subset of the R&S attribute bundle

...

based on the list of requested attributes in SP metadata

...

.

How do I get my IdP on the official list of IdPs that support R&S?

Once you've configured your IdP to release the R&S attribute bundle

...

The Shibboleth IdP software supports either of the first two options out-of-the-box. The latter option requires a special plugin at the Shibboleth IdP. Deployment options are discussed more thoroughly in the wiki.

Where can I find complete information on the Research & Scholarship Category?

There is detailed information on the Research and Scholarship Category elsewhere in this wiki, you declare your IdP's ability to support R&S by submitting a short form. Normally such an IdP would be added to the list within one business day.