Google Gateway
InCommon Operations runs a Google Gateway for internal use. Currently the Gateway is integrated with the following Internet2 services:
- InCommon Federation Manager
- Collaboration Wiki Spaces at Internet2 (commonly called the “Spaces Wiki”)
- Multi-Factor Authentication (MFA) Cohortium Registry
- Multi-Factor Authentication (MFA) Cohortium Wiki
Over time, other Internet2 services will be integrated with the Google Gateway.
The Google Gateway is not a centralized service for all InCommon participants. For now, the Gateway is for internal use only.
Federation Manager
The term Delegated Administration refers to the ability of a Site Administrator to delegate responsibility for administering SP metadata to another administrator called a Delegated Administrator. A Delegated Administrator (DA) logs into the Federation Manager (FM) with a federated password, that is, the DA must have an account on an InCommon IdP. InCommon Operations does not issue passwords to DAs. If a site wishes to use the Delegated Administration feature of the FM, that site must deploy an IdP or use the Google Gateway.
In the eyes of a Delegated Administrator, the Google Gateway is just another IdP. Specifically, a DA sees an IdP called “Google Sign In” on the FM’s discovery interface. If the DA chooses to sign in with Google, the FM redirects the DA’s browser to the Google IdP via the Google Gateway.