April 15, 2021
If you missed the April 14 IAM Online, featuring a discussion of new identity requirements for accessing some National Institutes of Health applications, you can view the recording and download the slides. In addition, the “Get NIH-Ready” wiki page has more-detailed descriptions of the NIH requirements and a list of resources to help with the transition.
To recap, the NIH electronic Research Administration (eRA) module will require multifactor authentication by September 15. Faculty and researchers can use their federated home credentials to access eRA, provided the identity provider has enabled MFA and the international standard for signaling MFA (REFEDS MFA profile).
NIH has required receiving the data elements that are part of the REFEDS Research & Scholarship Category (an identifier, name, and email address), a need that was reinforced during the webinar.
While there is no deadline set yet, NIH has also signaled that some applications will require identity providers to demonstrate a certain level of identity proofing and assurance. The InCommon Assured Access Working Group will report on its work to develop guidance to help academic institutions implement the REFEDS Assurance Framework, which NIH has chosen to support their identity-proofing and authentication requirements. The working group will host the May 12, 2021, edition of IAM Online and discuss its work and report.