REFEDS offers a wide range of advice and guidance on best practice for research and education federations. This space is divided into the following sections:
REFEDS has created a document describing The Value Proposition for Identity Federations. This is a good place to start if you are considering implementing an identity federation and need more background information and support.
JISC created a Business Case document to help Identity Providers make the case internally for the work required to implement SAML. The document was written at the beginning of the UK Access Management Federation but is still valid and a valuable resource.
The GÉANT project created a Federation Policy Template to help new and emerging federations quickly understand the requirements for federation policy and to support an interoperable approach to policy creation and implementation. Federations are encouraged to use this template.
Understanding the Metadata Registration Practices of federations is key to understanding the trust framework for the federation. REFEDS and GÉANT have created a template Metadata Registration Practice Statement and federations are encouraged to use this template. This statement is a requirement for federations joining eduGAIN. The template is available as MRPS-templatev1.pdf (PDF) and MRPS-templatev1.docx (Word), and in Markdown format on GitHub.
Discovery Best Practice
One of the challenges for multilateral federation is "finding" your Identity Provider. REFEDS has gathered a number of resources over the years to support Discovery Best Practice.
Authorization Best Practice
How can entities do authorization correctly in a federated environment? We've put together some authorization best practice guidance.
This document offers a set of recommendations on how vendors of cloud services and institutional customers should engage with each other to support federated identity.
- Barriers to Service Providers - Recommendations
- Barriers to Service Providers - Survey
- Cloud Services Cookbook
- Data Protection Best Practice
- Discovery Best Practice
- Entity Eligibility
- Federated Authorization Best Practices
- Federation Policy Mapping
- Identifiers Used in Federations
- Logos in Metadata
- Service Catalog