Child pages
  • Entity Eligibility
Skip to end of metadata
Go to start of metadata

The following table summarises the position on various federations on who is eligible to join the federation as an Identity Provider or as a Service Provider. Please note that this is a snap-shot representation from the time the documents were analysed and may not represent up-to-date information / accurate current policy. 

 

Federation

Eligibility IdPsIdP RestrictionsEligibility SPsSP RestrictionsDocument Comments 

Austria, ACOnet Identity Federation (eduID.at)

In order to become an Identity Provider in the ACOnet Identity Federation an organization MUST be eligible for ACOnet participation and MUST become a participant of ACOnet.
Must be a participant of ACOnet (i.e., NREN subscriber)
In order to become a member of the ACOnet Identity Federation as a Service Provider only, and to receive identity information from ACOnet Identity Federation Identity Providers, a Service Provider is NOT REQUIRED to become a participant of ACOnet (i.e., not an NREN subscriber, but a federation member nonetheless).
Restrictions are around following technical requirements of the federation, not on type.Policies, see also MembershipNothing in policy restricts service type.

Belgium, Belnet R&E Federation

Only CLIENTS of Belnet who have signed an agreement for the provision of internet services in the
category ‘Research and Education’, may accede to the Belnet R&E Federation as IDENTITY PROVIDER. If there is no agreement anymore between the IDENTITY PROVIDER and Belnet for the provision of an internet service, then automatically every role of the IDENTITY PROVIDER will be removed from the system.
The IdP are Belnet's customers from the research and education (R&E) community, excluding the administrations and ministries of all levels.
Must be a member of Belnet
The SERVICE PROVIDER provides services to users of the affiliated organisations. Thanks to the federative service, it is not necessary that the service providers still store or manage the identity data, which have been forwarded by the IDENTITY PROVIDERS. ccept the technical minimum requirements in the Technical Policy of Belnet. Belnet reserves the right to alter the technical minimum requirements in the Technical Policy at any
time. The alterations will be mentioned on the concerned website of Belnet and will come into effect two months after their notification via e-mail by Belnet.
The SP are any companies that offers a service or content that fullfills the needs of Belnet's R&E community members, respecting the defined policy.
Restrictions are around following technical requirements of the federation,not on type.Federation Policy and MRPSNothing in policy restricts service type.

 

Brazil - CaFe edugain policy links broken.      
Canada - Canadian Access Federationedugain policy links broken.      

Chile -COFRe

For Identity Provider Organizations, REUNA member institutions can apply to this membership directly. For other institutions its application shall be studied and take a resolution and informed via email within 15 days.
Possible to become an IdP if non-member subject to scrutiny
For apply to a Services Provider membership, is needed a previous recommendation from any of the
Federation Members acting as an Identity Provider Organizations.
Recommendation from an IdP needed, implying service is required by community. Federation Rules, including appendices.  Only restriction on SP is recommendation.
Colombia - COLFIREEligible organisations published on website (none currently posted).No specific limitationsEligible organisations published on website (none currently posted).No specific limitationsFederation PolicyNo specific restrictions. 
Croatia - AAI@EduHrPolicy not available in English.     
Czech Republic - eduID.cz3.1 eduID.cz is used by organizations connected to the CESNET Network, pursing their research and education-related objectives. 5.1 The eduID.cz Federation may be joined by any organizations that fulfils the Access Policy.  Such an organization also needs to meet technical conditions and adhere to this Policy.  Final decision on admitting an organization to the eduID.cz Federation belongs to the Federation Operator.  Limited to organisations that have signed the National Research and Educational Network Access Policy  - so effectively members5.2 Organizations that do not fulfil the AP may join the federation in case they provide services to members who have joined under section 5.1.  Organizations joining the Federation in this manner are not allowed to join identity provider services.  Final decision on admitting any organization into the eduID.cz Federation belongs to the Federation Operator.No specific limitations  - legal and technical checks are done. Federation Policy and MRPS   
Finland - Haka
  • universities as defined by the Universities Act (24th of July 2009/558)
  • polytechnics as defined by the Polytechnics Act (351/2003) and other acts in force in Finland
  • bodies, authorities and research institutes of science and arts which are founded by law for public duty in Finland
  • university hospitals, and
  • other organizations for the public good or publicly owned organizations supporting research and education in universities, polytechnics and research institutes and university hospitals mentioned above

Home organisations other than universities and polytechnics are subject to federation steering group approval.

Organisations providing services to End users in Home organiations.SPs other than Home Organisations subject to steering group approvalJoining and registrations 
France - Fédération Éducation-Recherche

member organisation: federation participant which can act as both an Identity Providder and as a resource provider.,  A member organisation is an organisation entitled to use the RENATER network with an up-to-date agreement with GIP RENATER

 

Endorsed Member Organisation: education and / or research organsation that does not have an agreement with RIP RENATER but that has signed the federation charter.

Must be a RENATER member or another type of research / education organisation. Partner Organisation: federation participant proposing one or several resources.  Any type of organisation can become Partner of the Federation: public entity, association, French or foreign company.No specific limitationsFederation CharterNo specific limitations on SPs. 

Germany - DFN-AAI

      
Greece - GRNET AAI

In the Federation only institutions of academic, research and education community of Greece can participate as Identity Providers and each institution may take part with a single Identity Provider in the infrastructure. The academic, research or educational nature of the organisation may be decided by the Coordinator at his discretion. In addition, the Coordinator may exceptionally add Identity Providers to the Infrastructure that do not meet the above criteria to serve specific purposes, such as virtual IdPs to serve guest users of the federations or to peer with other federations.

Only institutions of academic, research and education community of GreeceAny organisation can participate in the Infrastructure as a Provider of one or more services provided that these services promote the academic, research or educational work. There are no restrictions regarding the non-profit nature of the organisation, but in the case the organisation does not also participate as an Identity Provider, it is necessary for at least one Identity Provider to express interest in accessing the particular service; this interest should be formally expressed to the Coordinator.No specific limitations.Federation PolicyNothing in policy restricts service type.

Ireland - Edugate

      

Italy - IDEM

Organisations connected to the GARR network can join IDEM federation as "Member". Members can, and usually do, register an IdP.

GARR network include universities as well as national research institutes, research hospitals, health authority and research organizations for animal health and food safety, national libraries, national archives, cultural heritage institutions, high education institutions for arts and music, schools.

Other organizations not connected to the GARR network can join IDEM federation as "Partner". Normally Partners are not allowed to register an IdP.

Upon a clearly motivated request, the Policy Committee can allow a Partner to register its IdP (until now we never received such a request).

Since joining the federation entails making a legal agreement with the federation operator, any organisation which wishes to join must be a legal entity.

 

The registering organisation must be a legal entity, normally connected to the GARR network.

Each organisation can register only 1 IdP for the whole organisation. An IdP related to a division of the organisation is not admitted.

The IdP must be working and satisfy security and tech requirements.

The organisation running the IdP must provide a declaration about its internal identity management procedures. The organisation must be able to assign identities only to real persons and must be able to trace the users, according to the privacy law.

Any organisation, joint to IDEM Federation as Member or as Partner, can register a SP.

Since joining the federation entails making a legal agreement with the federation operator, any organisation which wishes to join must be a legal entity.

The federation board can refuse an SP belonging to an organisation not connected to GARR if the service is out of the interest of users' community.

The SP must be working and satisfy security and tech requirements.

Participants registering one or more SP are committed to:

• limit the request for user information to those needed to provide the service;

• keep track of operations,  with statistics for monitoring and evaluating the Resource(s) usage;

• keep private the user information obtained through the Federation, and not communicate it to third parties, unless specific agreements with their home Organization exist;

• do not aggregate any information about end-user activities without an explicit permission or previous agreements with their home Organization.

Signing the icon Member Accession Form or the icon Memorandum of Understanding, the Organization accepts the icon Regolamento and the icon Rules of Participation (NdP).

Technical specification are in the following documents:icon Technical Specification and the Technical icon Specifications for Compilation and Use of Attributes.

Nothing in policy restricts SP type.

Japan - GakuNin

      

Norway - FEIDE

      

Spain - SIR

      

Sweden - SWAMID

In order to become an Identity Provider in SWAMID an organisation MUST be eligible for SUNET membership and MUST become a Member
of SWAMID.
Must be a member of SUNET.A Relying Party is in general NOT REQUIRED to become a Member of SWAMID in order to consume identity information from SWAMID identity providers.No specific restrictions. SWAMID policyNothing in policy restricts service type.

Switzerland - SWITCHaai

In order to operate an Identity Provider in the SWITCHaai Federation an organization must be part of the SWITCH Community (as defined by the SWITCH foundation).

Or the institution has close collaboration with the SWITCH Community and joins as a SWITCHaai Federation Partner that is eligible to operate an IdP.

No restrictions for institutions in the SWITCH Community.

SWITCH decides whether a Federation Partner is eligible to operate an IdP.

Institutions eligible to operate an IdP are also eligible to operate any number of Service Providers.

Further institutions may join as SWITCHaai Federation Partner.

Unless the institution has already well established relationships with institutions from the SWITCH Community, they need to find a supporting institution from the SWITCH Community that expresses its support by signing on the application form.

SWITCHaai Service Description (includes the policy) and MRPSNothing in policy restricts service type.

 

The Netherlands -
SURFnet - SURFconext

Policy not available in English.     

USA - InCommon

InCommon defines, and may change from time to time, different classes of InCommon Participants. Different classes may receive different services, may have different roles in InCommon activities, and may be liable for different fees and/or dues. Currently defined classes are Higher Education Institutions, Sponsored Partners, and Research Organizations (as defined in the FOPP).

(1)  Higher Education (accredited post-secondary institutions and their central offices). To qualify as a Higher Education participant, an organization must be:

        • A two- or four-year degree-granting institution that is accredited by an agency on the U.S. Department of Education's list of recognized Regional Accrediting Agencies as listed on the InCommon website (URL found in section 2.4; or
        • A state higher education system office or other central coordinating office which either governs or manages a collection of accredited, degree-granting institutions. The entity must be commissioned, established, or recognized by a local, state, or national government to perform this activity or must be a cooperative venture organized by and for the benefit of higher education institutions for the above purposes. Documentation substantiating these criteria may be required, and determinations will be made on a case by case basis.

(2)  Research Organizations. InCommon acknowledges that Research Organizations are critical partners in the research and education efforts supported by InCommon. A Research Organization is defined as a lab, facility, or center related to a particular federal research agency and listed on an official publicly available government listing to InCommon's satisfaction. The InCommon-approved listings of eligible government labs and centers will be maintained on the InCommon website. A Research Organization may sponsor into the federation any Sponsored Partner Organization by formal letter of sponsorship from the active InCommon Executive Liaison at the Research Organization.

3)  Sponsored Partners of any participant in the first two classes. A Sponsored Partner is any entity that is sponsored for participation in the Federation by a participating category 1 or category 2 organization. A Sponsored Partner typically provides online resources, research data, informational, or other services to the sponsoring higher education organization. A sponsorship letter must be received by InCommon from the sponsoring category 1 or category 2 Participant's designated Executive, either by email or postal mail. For details see the InCommon website.

Higher Ed, Research Organisations, Sponsored Partners

InCommon defines, and may change from time to time, different classes of InCommon Participants. Different classes may receive different services, may have different roles in InCommon activities, and may be liable for different fees and/or dues. Currently defined classes are Higher Education Institutions, Sponsored Partners, and Research Organizations (as defined in the FOPP).

(1)  Higher Education (accredited post-secondary institutions and their central offices). To qualify as a Higher Education participant, an organization must be:

    • A two- or four-year degree-granting institution that is accredited by an agency on the U.S. Department of Education's list of recognized Regional Accrediting Agencies as listed on the InCommon website (URL found in section 2.4; or
    • A state higher education system office or other central coordinating office which either governs or manages a collection of accredited, degree-granting institutions. The entity must be commissioned, established, or recognized by a local, state, or national government to perform this activity or must be a cooperative venture organized by and for the benefit of higher education institutions for the above purposes. Documentation substantiating these criteria may be required, and determinations will be made on a case by case basis.

(2)  Research Organizations. InCommon acknowledges that Research Organizations are critical partners in the research and education efforts supported by InCommon. A Research Organization is defined as a lab, facility, or center related to a particular federal research agency and listed on an official publicly available government listing to InCommon's satisfaction. The InCommon-approved listings of eligible government labs and centers will be maintained on the InCommon website. A Research Organization may sponsor into the federation any Sponsored Partner Organization by formal letter of sponsorship from the active InCommon Executive Liaison at the Research Organization.

3)  Sponsored Partners of any participant in the first two classes. A Sponsored Partner is any entity that is sponsored for participation in the Federation by a participating category 1 or category 2 organization. A Sponsored Partner typically provides online resources, research data, informational, or other services to the sponsoring higher education organization. A sponsorship letter must be received by InCommon from the sponsoring category 1 or category 2 Participant's designated Executive, either by email or postal mail. For details see the InCommon website.

Higher Ed, Research Organisations, Sponsored Partners

InCommon FOPP

InCommon Participant Agreement

Nothing in policy restricts service type.

United Kingdom - UK Access Management Federation

Organisations eligible to join the federation include all educational and research institutions. This covers all colleges, universities and research council funded establishments, and includes Local Authorities with responsibility for the schools sector. Please also see separate guidance on the school sector trust relationships in respect of Regional Broadband Consortia and Local Authorities. Other publicly funded bodies are also eligible for membership, subject to support from the relevant authorities.

Since joining the federation entails making a legal agreement with the federation operator, any organisation which wishes to join must be a legal entity. This has implications.

all educational and research organisations inc schools. 

Any commercial organisation which provides services to those sectors is also eligible to join the federation, but may require to be sponsored by a member organisation.

Since joining the federation entails making a legal agreement with the federation operator, any organisation which wishes to join must be a legal entity. This has implications.

any commercial organisation (possibly with sponsorship)Eligibility PolicyNothing in policy restricts service type.

 

  • No labels