To truly foster collaboration, identity federation is all about creating a trust framework for many organizations so users can log in with accounts from their home organization to access shared online services.
In many contexts, federation is used to enable users at one organization to log in to many online applications using the Security Assertion Markup Language (SAML) family of protocols.
Higher Ed and Research
This style of “mesh” federation is widely adopted by the higher education and research communities because cross-organizational collaboration is the norm.
- Many universities have partnerships that allow students from other partner schools to enroll in courses and log in to their campus Learning Management System.
- School and university systems provide central shared services for every school in their district, region, or state.
- Virtual Organizations for research projects provide shared online collaboration platforms for faculty and private researchers at organizations across the globe.
Companies can leverage mesh federation to streamline access after corporate acquisitions. Mesh federation makes it easy to allow new companies to log in with existing user accounts until everyone is ready for a full-fledged identity consolidation project.
Federation without the Frustration
Lack of Vendor Support for Mesh Federation
While many identity solutions support bi-lateral SAML federation, most do not support registration in trust federations like InCommon/eduGAIN.
Managing a Local Federation
IdP is Costly Many organizations install and run open source software solutions locally, such as SimpleSAMLphp or Shibboleth, for the singular purpose of participating in mesh federations. It can be costly to keep up with upgrades and manage integrations with the solution.
Mesh Federation Made Easy
Cirrus Identity can “bridge” your existing identity solution, such as Microsoft Azure AD, Okta, OneLogin, CAS, or LDAP to the mesh federation of your choice, such as InCommon. Our customer support and documentation make implementation easy, and you don’t have to worry about running and upgrading on-prem SAML Identity Provider solutions anymore!
Add Additional Login Options
In addition to your federated partners, you can easily add login options for social providers like Google or LinkedIn, as well as our brandable hosted identity provider. You can use our configurable Discovery Service to configure an intuitive, easy-to-use login screen. We help you get your users to the services they need quickly and painlessly.