...
CTA is a community of astrophysics users which already had its own AAI solution in place, and represents for AARC, in this respect, a very good example of how to address the needs of a community who already developed an AAI, in their case . In this case their AAI solution was based on a SAML stand-alone, catch all Identity Provider, integrated with a Group management tool used for Authorization on selected services service providers.
This pilot propose to provide a non-invasive solution to simplify access to CTA services from eduGAIN and the CTA community.
The requirements which have been identified from the beginning to add the CTA community to the eduGAIN interferation, from the CTA perspective, are the following ones:
- Implement a user-friendly user enrollment flow
- Manage both CTA and eduGAIN identities for users
- Link identities under administrator approval
- Keep supporting Grouper as the main authorization front end towards their SP / services
- Include guest identities ( Social IDs) - [ light requirement ]
- Support OIDC RP - [ light requirement ]
...