OpenID Connect Identity Federations at lightning speed

OpenID Connect (OIDC) is a simple identity layer on top of the OAuth 2.0 protocol which, like SAML2, serves as a protocol for identification and authentication. Current identity federations in the academic area are, with almost no exception, SAML2 based. There is, however, a strong and rising interest in using OpenID Connect as a protocol for identification and authentication. OpenID Connect is perceived as a simpler, JSON/REST-based protocol, and is designed to support native apps and mobile applications in addition to web-based applications. OpenID Connect has been adopted by the large players in the industry, like Amazon, Google, Facebook & Microsoft. Furthermore, the REFEDS Survey 2016 showed great interest from federations in supporting OpenID Connect. The basic OpenID Connect standards, however, offer no support for building identity federations as we currently know them in the academic area.

Roland Hedberg et al. have written a specification for creating an identity federation using OpenID Connect, taking into account some lessons learned from the identity federations as we know them now. The GN4-2 Trust & Identity Next Generation Technology task is taking the next step by further implementing and developing the specification, with the goal of creating running implementations with the tools needed to run it as a federation, and of creating a technology profile for eduGAIN. Our first set of objectives is planned for June 2017.

In this presentation we will present, in lightning talk style, an overview of the work done from the start in 2016 to June 2017, covering the following topics:

* Use cases at the levels of campuses, federations and inter-federation
* Implementations & further standardisation
* R&E Federation specific components (attribute groups, “entity categories”)
* Planned pilots
* The next steps



