Shibboleth

Software: The SSO solution for research and education and the InCommon Federation

The Shibboleth component of the InCommon Trusted Access Platform is the lynchpin that securely authenticates identities within the InCommon Federation. It is a single sign-on (SSO) solution that allows management to make informed authorization decisions in a privacy-preserving manner.

Shibboleth is among the world’s most widely deployed federated identity solutions, connecting users to applications both within and between organizations. The Shibboleth components are open source and, while initially developed by Internet2, are now maintained by the international Shibboleth Consortium.

Shibboleth also:

• Enables organizations to use an existing user authentication mechanism to access web-based resources even if the resource is not operated by the organization. Benefits include:
  • A user only needs their “normal” login credentials, not one per resource.
  • Access resources do not need to manage credentials.
• Enables management of a user’s information so it is provided to a resource. Benefits include:
  • When a user updates information with their organization, all resources receive it.
  • Resources do not need to be stored and maintain data known by the user’s organization.
• Enables the user, or their organization, to control the release of the user’s information. This has the benefits that:
  • The user, or their organization, is in control of what information gets released.
  • Those who manage these resources don’t need to worry about receiving and protecting data that is no longer required.
• Provides centralized auditing and reporting of the user authentication events/application access.

The Trusted Access Platform provides packaged versions of Shibboleth software that are integrated with the other components. Also included are extensions such as the new Shibboleth User Interface for administrators.

New! Shibboleth User Interface

Check out the IdP metadata management graphical user interface

Learn more