As a national Identity Federation operator, what is the value of InAcademia and why promote InAcademia?
InAcademia is a service available to NRENs/Federations via eduGAIN that reduces the effort of onboarding services to national federations.
InAcademia is a trusted party that acts as a proxy between IdP and merchant. This has three primary benefits:
it unifies the setup and experience for retail services that wish to offer discounts and services to your constituency,
it reduces the support effort for institutions: opting into InAcademia once means its users can access retail discounts without exposing personally identifiable information to the merchant.
it mitigates the risk against misconfigured Identity Providers releasing irrelevant information to commercial services.
This proxy relationship also means that registered merchants automatically and actively comply with the GEANT Code of Conduct.
Where commercial service providers in eduGAIN are free to request multiple attributes when using federated identity, InAcademia requests only the attributes necessary to confirm academic affiliation, and does not share the attribute values received from IdPs with its downstream services.
InAcademia responds to a merchant request for validation with pseudonymised identifiers, and strips out any superfluous PII returned by the IdP before returning an id_token to the client, meaning that it’s a truly privacy preserving route to using academic federated identities.
Identity Federations can offload SPs to InAcademia whose use case only requires a success or denied answer in response to an affiliation request from a user, thereby removing the need to support them directly. This greatly reduces the effort that the Identity Federation would need to invest to bring those SPs up to join their federation.
InAcademia allows OIDC-only services to benefit from federated identity.
Being able to widen the number and variety of SPs available in your federation is an exciting proposition for IdP organisations and end users, and InAcademia helps Identity Federations to achieve this without proportionately increasing the support burden.
As SPs often don’t understand federated identity, Federations spend a disproportionate amount of time to onboard them; promoting InAcademia will save effort and cost for your Federation.
InAcademia can provide operational data to your Identity Federation operations that can help to identity and resolve any misconfigured IdPs.