Versions Compared

Version Old Version 4 New Version Current
Changes made by

Dan Schwartz

Dan Schwartz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added link to online metadata explorer tool from REFEDS

Lehigh is a member of the InCommon Federation, which is the U.S. education and research identity federation, providing a common framework for trusted shared management of access to online resources, using the SAML2 protocol. Through InCommon, Identity Providers such as Lehigh University, provides users single sign-on (SSO) convenience and privacy protection to online Service Providers.  In addition to SSO, InCommon also coordinates eduroam, a wireless service between educational institutions.  See https://lts.lehigh.edu/services/eduroam-wireless-access for instructions on using

Excerpt

The InCommon Federation provides a trust relationship for authentication between members of the federation.  


There are two services categories that Lehigh currently uses within InCommon - SSO and Eduroam:

  • SSO:  InCommon's Participants (member institutions) operate Identity Providers (IdPs) and Service Providers (SPs).  IdPs are network-accessible services that authenticate users and provide identity information to services (SPs) so people can login to them.   Lehigh's IdP is located at https://sso.cc.lehigh.edu.  SPs are network-accessible services that rely on information from the IdPs for the purpose of making access decisions and/or personalizing the user’s experience.  There are over 4000 SPs within the InCommon Federation Some examples of popular SPs at Lehigh are Course Site (our moodle based Learning Management System), G Suite, the qualtrics survey tool, and Zoom (web conferencing).  IdP's share information with SP's when logging into the SP as a set of encrypted attributes that are exchanged.  Here is Information about the SAML attributes that Lehigh uses.  There is a metadata explorer tool provided by REFEDS (the Research and Education FEDerations group)which you can use to quickly search for attributes and contact info of federated service providers.
  • Eduroam:  InCommon has established a relationship with eduroam, a global wireless network access service for research and education. An eligible organization (research organization or education-related organization) can provide users (students, researchers, staff and faculty) with wireless access at participating institutions using their home institution's credentials. See these eduroam instructions to use eduroam with your Lehigh account.