The Incommon Federation wiki has moved.

Please visit the new InCommon Federation Library wiki for updated content. Remember to update your bookmarks.

Click in the link above if you are not automatically redirected in 15 seconds.



You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Current »

Research & Scholarship for Identity Providers

Browse a list of all current R&S SPs and IdPs

To have your IdP certified as supporting R&S:

  1. Review the requirements for R&S SPs
  2. Read the authoritative Research & Scholarship Entity Category specification
  3. Review the Deployment Considerations for R&S document
  4. Based on the previous steps, decide whether your institution is ready to support R&S
  5. Review your entity info page for consistency, clarity, and completeness
  6. Add an (optional) Error Handling URL to your metadata
  7. Configure your IdP to release the R&S attribute bundle

  8. Declare your ability to support R&S in Federation Manager


Once this is done, your IdP will be added to the list, normally within one business day.

For R&S SP Owners

To encourage an IdP to support R&S, contact us at admin@incommon.org. We will reach out to the site admins for that IdP on your behalf.

IdP Deployment Requirements

Review the R&S Entity Category specification

An identity provider (IdP) supports the Research & Scholarship (R&S) Category if, for some subset of the IdP's user population, the IdP releases a minimal subset of the R&S attribute bundle to R&S SPs without administrative involvement, either automatically or subject to user consent. The following attributes constitute a minimal subset of the R&S attribute bundle:

  • eduPersonPrincipalName
  • mail
  • displayName OR (givenName AND sn)

For the purposes of access control, a non-reassigned persistent identifier is required. If your deployment of eduPersonPrincipalName is non-reassigned, it will suffice. Otherwise you MUST release eduPersonTargetedID (which is non-reassigned by definition) in addition to eduPersonPrincipalName. In any case, release of both identifiers is RECOMMENDED.

Testing IdP Support for R&S

Once you've configured your IdP, you can test your configuration using this test page, a service provided by the GENI Experimenter Portal, an official R&S SP.

IdP Deployment Options

Declare your support for R&S now!

To support the Research and Scholarship Category, an IdP has multiple options:

  1. Release the Essential Attribute Bundle to all SPs
  2. Release the R&S attribute bundle to all R&S SPs
  3. Release a minimal subset of the R&S attribute bundle to all R&S SPs
  4. Release a dynamic subset of the R&S attribute bundle to each R&S SP on an SP-by-SP basis (depending on requested attributes in SP metadata)

Supporting R&S

Sites are strongly encouraged to configure their IdPs to support R&S, either by releasing the Research and Scholarship Attribute Bundle directly to R&S SPs or by releasing the Essential Attribute Bundle to all SPs.

The R&S category is the first of many such categories. Soon there will be multiple categories, for both SPs and IdPs, such that each category has its own entity attribute value. To support a given category, an additional software configuration similar to the R&S IdP configuration is required.

The use of entity attributes (as opposed to entity IDs) has a significantly reduced administrative burden at the IdP. As the number of categories increases, however, the number of configurations increases as well. It is natural to ask if there is an even higher level of abstraction that further simplifies the administration of attributes? The answer is yes, an IdP can release the Essential Attribute Bundle to all SPs, not just R&S SPs. Such a configuration can simultaneously satisfy the attribute requirements of multiple categories.

If you have further questions, please consult the Research and Scholarship FAQ.


Declare your IdP's Ability to Support R&S in Federation Manager

To declare your ability to support R&S, you will simply need to check a box in Federation Manager to update your metadata. Follow these steps below:

  1. Log in to Federation Manager and click "Update" next to your IdP. 
  2. Scroll down to the section labeled Entity Attributes. The section will look something like this:
  3. Check the box under the Assert Column for the row labeled REFEDS Research and Scholarship Support:
  4. Click Submit: 
  5. You will be asked if this is something you really want to do. Click OK once you verify that you have not unchecked any other entity attributes you did want to assert and have not accidentally checked any other entity attributes.
  6. Verify at the bottom of the page that your IdP's metadata is now asserting R&S like below. Blue text will indicate additions to your metadata while strikethrough text will indicate deletions from the metadata. 
    2. In this case, Hide from Discovery was also added. If you did not expect Hide From Discovery to be added, scroll back up to the Entity Attributes section and verify that Hide from Discovery was not accidentally checked when R&S Support was added.
  7. Once you have verified that everything looks good, click on Submit Changes near the top of the page. Your metadata will be automatically approved and published within one business day. 
#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels