Child pages
  • InCommon Assurance Program
45 more child pages

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Identity Assurance Assessment Framework
  • Candidate Release
titleRelated Documents and Resources
Wiki Markup
[Current Release|] (1.0.4) \[PDF\]

Bronze and Silver Identity Assurance Profile

  • Candidate Release
  • Wiki Markup
    [Current Release|] (1.0.4) \[PDF\]

Frequently Asked Questions About the Silver Refinement

Wiki Markup
*[Assurance Profile Assessment Checklist|]* \[Excel\]

InCommon Assurance Technical Procedures

Wiki Markup
*[Silver Report from the CIC: Phase 1|]* \[PDF\] - A report from the first of three phases of the CIC effort to implement Silver.


The InCommon Assurance process is designed to support the needs of service providers that must require identity providers to meet a more detailed set of requirements than is defined with our basic federation services. The National Institutes of Health and National Science Foundation are examples of such service proviers.

These new assurance levels are named bronze and silver and originally corresponded with the National Institute of Standards (NIST) security guide 800-63 for level 1 and level 2 of assurance. Silver provides a higher level of assurance, including criteria for more robust identity management and identity-proofing procedures. InCommon has undertaken a detailed review and as a result is refining the Identity Assurance Profile with the goal of simplifying the profile and ensuring it meets the current requirements of the federal government. 

This project has two main drivers:

1. The federal government requirements have changed. The standards are now being developed by the Identity, Credential and Access Management (ICAM) effort at the GSA. The Identity Assurance Profiles were originally written to comply with an older government initiative - eAuth - which is no longer active and had a number of criteria that no longer apply.

2. A group of schools has been working through the Silver adoption process and uncovering a number of questions and recommendations. These have also been incorporated into the updated profile.

The updated Identity Assurance Profile and the related Identity Assurance Assessment Framework are now available for community comment. In the box to the right, you will find links to the new documents (both version 1.1), along with the current 1.0 versions. I invite you to send your comments to

We will accept comments through March 28, 2011, with the goal of completing this process by April 11, 2011.

The community wishes to thank the schools that have been working on the Silver adoption process – the Committee for Institutional Cooperation (CIC), which includes the Big Ten plus the University of Chicago, along with the University of Washington and Virginia Tech. In addition, a group of member-institutions of SURA (Southeastern University Research Association) has recently started a Silver adoption process. Both of these collaborations will document their efforts, which will help all of us as we move to adopt Silver.


InCommon Assurance Community Wiki

Table of Contents

Baseline Expectations for Trust in Federation

Baseline Expectations links and information

Baseline Expectations Foundational Document

InCommon Community Trust and Assurance Board (CTAB) Minutes Publicly Available

InCommon Community Trust and Assurance Board (CTAB) Minutes are publicly available here

The charter for the InCommon Community Trust and Assurance Board (CTAB) is here

InCommon MFA Interoperability Profile Working Group

The mission of the working group was to develop and document requirements for creating and implementing an interoperability profile to allow the community to leverage MFA provided by an InCommon Identity Provider by allowing SPs to rely on a standard syntax and semantics regarding MFA. See the working group wiki and the Final Work Products.

InCommon Silver with Active Directory Domain Services Cookbook for 1.2 Released

The final version of the InCommon Silver with Active Directory Domain Services Cookbook is available now! For an overview of the important bits, see the May 2014 webinar recording

Reading Bronze: Understanding the InCommon Profile (recordings available)

InCommon sponsored a community reading of the Bronze InCommon Assurance Profile to aid in the understanding and intent of the requirements. There were four calls during Dec. 2013 and Jan. 2014.  The calls have now concluded. Thanks to all who participated for the excellent comments and questions.

Recordings are available at this link.

Assurance Program

Specification Documents

Alternative Means

Community Resources


Technical InterOp

Community Contributions

Webinars and Presentations

Additional Resources

InCommon Assurance Program website


RSS Feed


InCommon Community Trust and Assurance Board (CTAB) Minutes

CTAB Charter

CTAB Nominations for Term Starting 2019

Baseline Expectations for Trust in Federation Web Page

InCommon Assurance Web page

InCommon Certified Identity Providers

Federal ICAM Approved Identity Providers

titleStay Informed

Add yourself to our assurance email list by sending an email to with this in the subject: subscribe assurance

titleCommunity Assurance Call Minutes (these calls were suspended starting in 2018)

6-Dec-2017 Assurance webinar (Introducing CTAB )

4-Oct-2017 Assurance Call (Refocusing Community Guidance of InCommon's Trust Programs: Baseline and Bronze)

7-June-2017 Assurance Call (Baseline Expectations Implementation)

1-March-2017 Assurance Call (NIST 800-63 / Digital Identity Guidelines

4-January-2017 Assurance Call (REFEDs Assurance Working Group)

2-November-2016 Assurance Call (2017 AAC Workplan Discussion)

5-October-2016 Assurance Call - Baseline Expectations and their Implementation (Slides) and (AdobeConnect)

3-August-2016 Assurance Call (Baseline Expectations - Last Call for Comments)

6-July-2016 (webinar on Baseline Expectations for Trust in Federation)

6-July-2016 (comments in Adobe Connect Chat during Assurance Call on Baseline Expectations

4-May-2016 (webinar on Federated Security Incident Response (SIRTFI) Effort)

6-April-2016 (webinar on MFA Interop Profile WG)

3 Feb 2016 (webinar on Insights in Assurance: Developments from Across the Pond)

4 Nov 2015 (webinar on survey results and baseline practices)

2 Sept 2015 (webinar on Shib IdP v3 and Duo MFA)

8 July 2015

6 May 2015 (flexible vetting)

1 April 2015 (password reset)

4 March 2015

5 Nov 2014
15 Oct 2014
4 Sep 2014
9 Jul 2014
19 March 2014 (presentation on Multi-Context Broker)
12 Feb 2014
4 Dec 2013
6 Nov 2013
2 Oct 2013
4 Sep 2013
7 Aug 2013
10 July 2013
5 June 2013
8 May 2013
3 April 2013
6 March 2013
13 Feb 2013
9 Jan 2013
12 Dec 2012