eduTEAMS enables communities to create their own authentication and authorisation infrastructure (Community AAI) in order to address the challenges in accessing to a multiplicity of essential services and sharing resources in a secure, flexible and scalable manner. eduTEAMS provides a central point for the community to manage its user membership, to connect Identity Providers and Service Providers and to define and apply access and sharing policies.
Leveraging the ubiquitous presence of eduGAIN federated identities, eduTEAMS enables the community members to use the identities from their home organisations (HO) for authentication and identification purposes, while augmenting the information available from the HO, with community specific information, such as membership and roles within the community.
As research crosses not only countries but sectors, , eduTEAMS caters also for communities with users such as those from industry or citizen scientists who do not have access to eduGAIN. eduTEAMS supports a long list of external (non-eduGAIN) Identity Providers, such as social networks, community operated identity providers and other platforms that can provide federated user identities.
Projects and Teams
For teams and projects eduTEAMS provides a “Turn-key” solution for creating and managing Community AAIs following the AARC Blueprint Architecture. Available as:
- a shared platform, managed and operated by GÉANT, that can be used by small - medium communities and the long tail of science;
- dedicated service offering, specific to community, managed by the community and operated by GÉANT.
Users benefit by being able to sign in to services with their existing identities via eduTEAMS
- First class support of eduGAIN Identity Providers.
- Support for the Research and Scholarship entity category Code of Conduct and Sirtfi to address security and GDPR aspects.
- Support for a wide range of external Identity Providers, such as ORCID and Google
- Versatile user and membership management capabilities that can meet the needs of small and large–scale communities
- Configurable user registration flows
- Group and role management
Users can register once and access any service available to the their eduTEAMS community. eduTEAMS supports;
- User registration
- Account linking
- Support for web based and non-web based services (such as SSH access, access to HTTP APIs)
eduTEAMS reduces complexity for Service Providers by providing one integration point for all services enabling them to offer their services to team members
- Service Providers need only to configure their services to use the eduTEAMS Identity Provider and everything else is provided by the platform (integration with eduGAIN, integration with Guest Identity Providers, Identity Provider Discovery Service, Attribute Aggregation, Account Linking)
- Multi-protocol support (SAML, OIDC, OAuth2, X.509v3)
- Support for non-web based services, such as SSH access, access to HTTP APIs etc
eduTEAMS has successfully completed a number of pilots and a demonstration platform is available to allow evaluation at demo.eduTEAMS.org