The EOSC-hub AAI enables seamless access to research data and services in EOSC in a secure and user-friendly way. To this end, the EOSC-hub project has built upon existing AAI services to provide a consistent, interoperable system with which researchers and resource providers can integrate.
Features
- Adoption of standards and open technologies, including SAML 2.0, OpenID Connect, OAuth 2.0 and X.509v3 to facilitate interoperability and integration with the existing AAIs of e-Infrastructures and research communities
- Adoption of policies compliant with global frameworks (e.g. REFEDS Research and Scholarship entity category and Sirtfi) in order to:
- support services in receiving and processing consistent user attributes in compliance with the minimal disclosure principle
- ensure good practices in operational security
- enable the coordination of incident response across federated organisations
- Support for different authentications providers, including institutions from national identity federations in eduGAIN, social media or other external authentication providers such as ORCID or community-operated identity providers
- Access to multiple heterogeneous (web and non-web) service providers using services and resources using different technologies
- Support for access to nonNon-web-browser based services and resources includes use cases include APIs and command line access (e.g. via SSH , or OAuth2)
- Access to resources using different login credentials (institutional/social) via identity linking
- Expressing the level of trust in the identity assertions using standard mechanisms such as the REFEDS Assurance Framework
- Aggregation and harmonisation of authorisation information (groups, roles) from multiple sources using different protocols
...