LIGO is an international research collaboration which has its roots in the US and is an InCommon member. LIGO is regularly forming partnerships with other research groups from around the world. As well, like all research enterprises, it is committed to a strong education and outreach program. LIGO service providers fall into two categories: higher security services which are used exclusively by those within LIGO and lower security services which are used by a mixture of LIGO user and other collaborators. We require at least ePPN and preferably the entire Research and Scholarship (R&S) Entity Category suite of attributes to access either kind of service. For users within LIGO whose IdPs do not assert R&S, we provides an IdP of last resort so that they can reach the high security SPs. They can also access the lower security SPs with these credentials. For external collaborators accessing lower security services, we use their home IdPs to authenticate when R&S is available. All other users can use a Google identity via a Cirrus social-to-saml gateway service we have contracted. For education and outreach we have not yet implemented any services, but there is a clear use case for having services available to K-12 for these purposes.
Our primary issue with supporting our users are the following: