Join InCommon

17
Apr.
2024

Federation

The Future of InCommon Federation Services: 3 Important Enhancements 

Share

Array

Estimated reading time: 3 minutes

By Albert Wu, InCommon Federation Manager, Internet2 Trust & Identity

There’s a great deal on the horizon for the InCommon Federation in 2024. We’re pleased to announce three long-awaited enhancements to our services, and I’m excited to share the details with the community to assist in your future planning.

Graphic displaying InCommon Federation and InCommon Community.

1. Enabling Federated Access to the Federation Manager Portal

That’s right. Federation Manager, the tool you use to manage InCommon-registered metadata, will support federated access for site admins this summer. Federation Manager already supports federated access for eduroam administrators and InCommon delegated administrators.

Detailed migration information will follow. Once enabled, if your organization has an InCommon-registered identity provider (IdP), you can access Federation Manager using your home organization credential. If your organization does not have an IdP, you will be able to sign in via either an Internet2 guest account or Google.  

  • Timing: Summer 2024
  • Service Impact: Site Administrators will sign into Federation Manager via Federated Access

2. Moving to the Per-Entity Metadata (MDQ) Service

InCommon first launched the Per-Entity Metadata Service in 2020. Since then, we have been operating it in parallel with the legacy InCommon metadata aggregate. 

InCommon will be retiring the legacy aggregate at the end of this year. If you have not already done so, you need to update your system to retrieve metadata from the Per-Entity Metadata Service as soon as possible. Not sure how to migrate? Stay tuned! Specific migration help is coming early this summer.

  • Timing: Throughout 2024 with migration expected to be completed by the end of 2024.
  • Service Impact: All services (IdP and SP) need to migrate to use the MDQ metadata service by December  2024.

3. Operationalizing InCommon Federation Baseline Expectations, Phase II

InCommon’s Operationalizing Baseline Expectations (BE) initiative continues. In 2023, we updated InCommon’s data integrity validation measures to help detect out-of-date metadata information. We also improved the transport layer security (TLS) scanning process, allowing site administrators to schedule on-demand scans of their entities from Federation Manager.

In 2024, we continue to implement the remainder of the Community Trust & Assurance Board’s (CTAB) Operationalizing Baseline Expectations for Federation Operators.

  • Timing:  Starting Fall 2024
  • Service Impact: All registered services (IdP and SP) will confirm annual adherence with Baseline Expectations requirements.

Stay in Touch with Us

About the InCommon Federation

The InCommon Federation provides secure single sign-on access to cloud and local services, and global collaboration tools. It connects millions of users and hundreds of educational institutions, research organizations, and commercial resource providers. The InCommon Federation and its practices are governed and built by an open community to meet the specific needs of higher education, research organizations, and their corporate partners: we value individual’s right to privacy; we believe in open, transparent, and equal sharing of information and knowledge; we encourage the ubiquitous adoption of online digital resources to accelerate research and discovery.

ICYMI