...
Research communities can leverage the EOSC-hub AAI services for managing their users and their respective roles and other authorisation-related information. At the same time, the adoption of standards and open technologies, including SAML 2.0, OpenID Connect, OAuth 2.0 and X.509v3, facilitates interoperability and integration with the existing AAIs of other e-Infrastructures and research communities. As shown in Figure 2, communities can allow different authentication options for their members and, at the same time, enable access to all or a subset of the Infrastructures. It should be noted that this model also allows users to access resources as members of their home organisation. Being connected to multiple Community AAIs and the upstream institutional/social IdPs requires the Infra Proxies to properly support discovery for both community- and home organisation-based access scenarios.
Service overview
The EOSC-hub AAI comprises different AAI services, namely B2ACCESS, Check-in, eduTEAMS and INDIGO-IAM. Research communities can leverage these services for managing their users and their respective roles and other authorisation-related information. The suite of EOSC-hub AAI services also includes Perun, which can be used for managing users within organisations and projects, as well as managing access rights to the services. There are also Token Translation Services such as WaTTS and MasterPortal, which provide mechanisms that enable translation between different protocols or technologies. The RCauth.eu service, in particular, is an Online CA that can on-the-fly identify entities based on federated credentials and issue to them PKIX credentials in real-time, focussing on converting SAML-to-PKIX.
Service documentation
For resource providers
Procedure to integrate your service with the EOSC-hub AAI: