...
- Support for different authentications providers, including:
- institutions from national identity federations in eduGAIN
- social media (e.g. Google, Facebook, LinkedIn)
- other external authentication providers such as ORCID or community-operated identity providers
- Access to resources using different login credentials (e.g. institutional and social) via identity linking
- Access to multiple heterogeneous (web and non-web) services and resources using different technologies
- Non-web-browser based use cases include APIs and command line access (e.g. via SSH or OAuth2)
- Aggregation and harmonisation of authorisation information (e.g. groups and/or roles) from multiple sources
- Adoption of standards and open technologies, including SAML 2.0, OpenID Connect, OAuth 2.0 and X.509v3 to facilitate interoperability and integration with the existing AAIs of e-Infrastructures and research communities
- Adoption of policies compliant with global frameworks (e.g. REFEDS Research and Scholarship entity category and Sirtfi) in order to:
- support services in receiving and processing consistent user attributes in compliance with the minimal disclosure principle
- ensure good practices in operational security
- enable the coordination of incident response across federated organisations
- Expressing the level of trust in the user identity assertions using standard frameworks such as the REFEDS Assurance Framework
...