Federation Technical Guide
The Federation Technical Guide provides a convenient way to locate the details and documentation for implementing federated identity management with InCommon.
Precursors to Technical Implementation
We have a short document, "InCommon Basics and Participating in InCommon," that includes a Federated Identity Management Checklist. If you are new to InCommon or to federated identity, this is a good place to start. This booklet includes information on the following topics:
- Review your practices and publish your POP
- Install/configure SAML 2.0-compliant federating software
- Support the eduPerson Schema
- Configure IdP attribute resolver for the appropriate sources
- Configure the IdP to release the right attributes
Technical Implementation
Starting with InCommon
- Shibboleth installation guides
- Shibboleth installation training
- Testing your IdP
- Naming and establishing your EntityID
- Registering your system in the federation: metadata
- Establishing your primary DNS domain
Identity Attributes
Federation Manager
Metadata
Advanced Topics
Recommended Practices
The InCommon community has developed a set of recommended practices for many aspects of federation practice. You can navigate to the Recommended Practices page for these and other topics:
- Organizational Presence
- Participant Operational Practices (POP)
- Contacts in Metadata
- Federated Security Incident Response
- Technical Basics
- Metadata consumption (refreshed daily)
- Scope in Metadata (DNS domain controlled by SP)
- X.509 certificates in metadata
- SAML protocol endpoints
- User Interface elements in metadata (IdP and SP)
- Requested attributes in metadata
- Operational Maturity
- Maintaining supported software
- Federation user experience
- Maximizing the Federation
- Identity Provider attribute release process
- Persistent identifier support