Software: The SSO solution for research and education and the InCommon Federation
Shibboleth
Shibboleth is the linchpin that securely authenticates identities within the InCommon Federation. It is a single sign-on (SSO) solution that allows management to make informed authorization decisions in a privacy-preserving manner. Shibboleth is used in the InCommon Trusted Access Platform architecture to support federated and campus single-sign-on services to local and cloud-hosted applications.
Shibboleth is among the world’s most widely deployed federated identity solutions, connecting users to applications both within and between organizations. The Shibboleth components are open source and, while initially developed by Internet2, are now maintained by the international Shibboleth Consortium.
Introduction to Shibboleth
View this short video for an introduction to Shibboleth.
Shibboleth also:
- Enables organizations to use an existing user authentication mechanism to access web-based resources even if the resource is not operated by the organization.
- Users only need their home organization login credentials, not one per resource.
- Resource providers do not need to manage credentials.
- Enables management of a user’s information so it is provided to a resource.
- Users only need to update information within their home organization.
- Resource providers do not need to store and maintain this data.
- Enables users, or their organization, to control the release of information. Also provides centralized auditing and reporting of the user authentication events/application access.
The InCommon Trusted Access Platform provides a packaged version of Shibboleth software that is integrated with the other components. Extensions, like the Shibboleth IdP User Interface for administrators, are also available.
Learn more about the Shibboleth Consortium, where to find assistance for Shibboleth, how to sign up for training, and where to find the Shibboleth software package and the Shibboleth IdP Metadata Management User Interface.
