VI-SEEM Login enables individual researchers to seamlessly and securely access VI-SEEM services using federated authentication mechanisms. Through VI-SEEM Login, users are able to authenticate using the credentials provided by the Identity Provider (IdP) of their Home Organisation in eduGAIN, which has become the primary mechanism to interfederate for global research and education collaboration, bringing together more than 2000 Universities and Institutes around the world. Complementary to eduGAIN, VI-SEEM Login enables users that do not have an account on one of the federated IdPs, to still be able to access VI-SEEM services using social identity providers or other selected external identity providers. To achieve this, VI-SEEM Login has built-in support for SAML, OpenID Connect and OAuth2 providers and already enables user logins through Google, LinkedIn and Facebook.
VI-SEEM Login simplifies administrative processes for both community managers and service providers by serving as a central hub between federated Identity Providers and Service Providers. The main advantage of this approach is that it allows for all entities to establish and maintain technical and trust relation only to a single entity, the VI-SEEM Login service, which acts as a Service Provider towards the Identity Providers and as an Identity Provider towards the Service Providers. Common technical services, such as Identity Provider discovery and user account management are provided centrally by VI-SEEM Login, and do not have to be implemented by each individual service. VI-SEEM Login is also responsible for aggregating user attributes originating from various authoritative sources (IdPs and attribute authorities) and delivering them to the connected service providers in a harmonised and transparent way. Service Providers can then use the received attributes for controlling access to their resources.
What’s next: all the user communities of the VI-SEEM scientific disciplines are expected to be on board the VI-SEEM Login platform by the end of the year. Furthermore, the new OpenID Connect interface will be introduced, aiming for a faster and easier integration experience for new services.