Increasingly universities in Europe are building federated Single-sign-on (SSO) services based on the Security Assertion Markup Language version 2 (SAML2). This is a much wanted situation since it gets rid of the need for each user to maintain different users at each service. But it also creates problems since people outside the community has a harder time getting in. For the federation to work each university participating must adher to strict rules about identity management and therefor must not willy-nilly add new members to itʼs community. Each managed user also comes with a price tag, hence an organization does not want to handle more users than necessary. To get around these problems we wanted to find a way to let people, with less frequent contacts with the universities or complete newcomers, use account they already have with public services on the Internet like Twitter, Facebook, Google and Windows Live ID.


Part of session

Federations & AAI

Related documents