«Feide Connect»
Next generation service platform for advanced services
and collaboration services for higher education.

Andreas Åkre Solberg
andreas.solberg@uninett.no
Once upon a time
Web Single Sign-On with Feide was sufficient to provide
a seamless user experience across services.

Collaboration on Internet
Dynamic working groups spanning multiple organizations work together using digital collaboration tools:
✤ A wiki
✤ Document sharing tool
✤ Meeting planner and calendar
✤ A Web meeting tool
✤ A web forum or mailing list

Feide Connect
[Diagram: platform components: Authentication, Self Service, Groups and Roles, Activity streams, People search, API Authz Mngmnt, OAuth, Authorization Engine, HTTP API]

Feide Connect
New architecture
API-based instead of SSO-flow
OAuth + authentication
Makes use of Feide (without changes)
Offers additional services
Better support for mobile, desktop etc.
API Authorization Management
Extremely simple integration for Service Providers
Low bar of entry (for students, non-commercial, etc.)
[Diagram labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide; Feide Connect: groups, people search, storage, activity streams, API authz; Service backend API]

October 23, 2013

Authentication
Feide is based upon SAML 2.0
Rather complex, which results in relatively high integration cost for Service Providers.
Limited opportunities to the «login request -> response» flow.

Trends in consumer markets (Facebook, Google, Twitter, LinkedIn, Salesforce)
From enterprise protocols towards APIs / REST and OAuth
Providers need to offer APIs and third party integration anyway; OAuth
Easy to establish a simple authentication protocol (userinfo) on top of that
OpenID Connect
Built-in support for cross-federation (eduGAIN, Kalmar) and guest users.

Groups and roles

API Service
Base layer: builds groups from Feide attributes
Connector to FS: courses, study programmes and more.
Support for Ad-Hoc groups
Anyone can create groups for their collaboration needs. Cross-organizational groups.
Support for custom external connectors to an institution's authoritative source of group data.
[Diagram labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide; Feide Connect: Groups (FS, Ext Connectors, AdHoc), people search, storage, activity streams, API authz]

Ad-hoc group management front-end

People Search
Separate People Search API
Authenticated API
Also available as a JS library
And as a Federated Widget
Relies on already public information
Better user experience to search for real user names, than to add userids.

Model for groups
Super simple, but extensible, information model
Protocol for:
retrieving the list of groups for the current user (from FeideID)
retrieving the list of members of a given group (from group ID)

Extended model
Standardization per group type for extended properties.

Subscriptions
Content associated with public groups. Users may subscribe.

Activity Streams

One activity stream per group.
Activities posted to one or more groups
Generic information model
User interfaces: WebApp frontend, Widgets, Mobile app frontend
[Figure: example activity entries delivered through the API to the user interfaces]

Notifications
The most important activity updates
Email and mobile push notifications
Personal preferences

Open Data

Universities show increasing interest in sharing their data using APIs.
Motivates growth of new, innovative and better services for employees and students.
Privacy is very important!
Complex to provide an authentication model for delegated access to personal data.

Self-service

Registration of new clients
Third parties register new clients and request access to API scopes.

Managing clients
› Trust
› Scope management
› Statistics
› Authorization workflow

API Authorization workflow
API owner grants access to new clients.
› Clients bound to authenticated users / organizations

Users accessing clients is handled through Feide login
The platform will make sure end users accessing the clients are authenticated (using Feide).

API Authorization Dialog

Client has obtained a token, and can access «Feide Connect» services, such as:
> user info,
> groups,
> activity streams
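
The workflow on the preceding slides (client registration with requested scopes, API-owner approval, Feide login, token use), modelled as an added example that is not Feide Connect's own code. The class, method and scope names are hypothetical, and the Feide login is assumed to have already produced an authenticated user id.

```python
import secrets
import time
from dataclasses import dataclass, field

# Hypothetical scope names, modelled on the services the slides list.
KNOWN_SCOPES = {"userinfo", "groups", "activitystreams"}


@dataclass
class Client:
    client_id: str
    owner: str                    # authenticated user / organization the client is bound to
    requested: set
    granted: set = field(default_factory=set)


@dataclass
class Token:
    client_id: str
    user: str
    scopes: frozenset
    expires_at: float


class AuthorizationEngine:
    def __init__(self, api_owners):
        self.api_owners = dict(api_owners)   # scope -> API owner who may approve it
        self.clients = {}
        self.tokens = {}

    def register_client(self, owner, requested_scopes):
        """A third party registers a client and requests access to API scopes."""
        requested = set(requested_scopes)
        unknown = requested - KNOWN_SCOPES
        if unknown:
            raise ValueError(f"unknown scopes: {sorted(unknown)}")
        client = Client(secrets.token_hex(8), owner, requested)
        self.clients[client.client_id] = client
        return client.client_id

    def grant(self, approver, client_id, scope):
        """Only the owner of an API may grant a client access to its scope."""
        client = self.clients[client_id]
        if self.api_owners.get(scope) != approver:
            raise PermissionError(f"{approver} does not own scope {scope}")
        if scope not in client.requested:
            raise PermissionError("client never requested this scope")
        client.granted.add(scope)

    def issue_token(self, client_id, authenticated_user, wanted, ttl=3600, now=None):
        """Issue a token after login; scopes are narrowed to what was granted."""
        if not authenticated_user:
            raise PermissionError("end user must be authenticated first")
        now = time.time() if now is None else now
        client = self.clients[client_id]
        scopes = frozenset(wanted) & frozenset(client.granted)
        value = secrets.token_urlsafe(32)
        self.tokens[value] = Token(client_id, authenticated_user, scopes, now + ttl)
        return value

    def check(self, token_value, required_scope, now=None):
        """Gatekeeper in front of an API: return the user id, or None to deny."""
        now = time.time() if now is None else now
        token = self.tokens.get(token_value)
        if token is None or now >= token.expires_at:
            return None
        if required_scope not in token.scopes:
            return None
        return token.user


def demo():
    # Constructed sample data: owners, client and user are made up.
    engine = AuthorizationEngine({
        "userinfo": "platform",
        "groups": "groups-api-owner",
        "activitystreams": "streams-api-owner",
    })
    cid = engine.register_client("student-project", {"userinfo", "groups"})
    engine.grant("platform", cid, "userinfo")        # "groups" is still pending
    tok = engine.issue_token(cid, "user@example.org",
                             {"userinfo", "groups"}, now=1000.0)
    return {
        "userinfo": engine.check(tok, "userinfo", now=1001.0),
        "groups": engine.check(tok, "groups", now=1001.0),
        "expired": engine.check(tok, "userinfo", now=1000.0 + 3600),
    }


if __name__ == "__main__":
    print(demo())
```

The pending `groups` scope is dropped from the token rather than trusted from the client's request, so the gatekeeper denies the groups call until the API owner approves it.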

International Collaboration
Any student or employee in Europe should be able to log in with their local credentials through the platform.
Established cross-federation connections through eduGAIN and Kalmar.
Collaboration on harmonizing group definitions and exchange protocols with other countries.
Collaboration through GÉANT, Terena.
Nordic collaboration through NordForum?
Standardization
OAuth, OpenID Connect, SCIM, OpenSocial, ActivityStreams, Misc W3C

For discussion
Identifier for mapping users: user ID, FeideID, student ID, national identity number, etc.
Which types of groups, and possibly roles
Agreement framework, and access during the development phase
Source of the data, WS vs database
Lookup speed
Collaboration, UNINETT <-> FS

 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 

Feide Connect

  • 1. «Feide Connect» Next generation service platform for advanced services and collaboration services for higher education. Andreas Åkre Solberg andreas.solberg@uninett.no
  • 2. Once upon a time. Web Single Sign-On with Feide was sufficient to provide a seamless user experience across services.
  • 3. Collaboration on Internet. Dynamic working groups spanning multiple organizations work together using digital collaboration tools: a wiki; a document sharing tool; a meeting planner and calendar; a Web meeting tool; a web forum or mailing list.
  • 5. Feide Connect. Diagram labels: Authentication; Self Service; Groups and Roles; Activity streams; People search; API Authz Mngmnt; OAuth Authorization Engine; HTTP API.
  • 6. Feide Connect: New architecture. API-based instead of SSO-flow. OAuth + authentication. Makes use of Feide (without changes). Offers additional services. Better support for mobile, desktop etc. API Authorization Management. Extremely simple integration for Service Providers. Low bar of entry (for students, non-commercial, etc). Diagram labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide; Feide Connect (groups, people search, storage, activity str., API authz); Service backend API. October 23, 2013
  • 7. Authentication. Feide is based upon SAML 2.0: rather complex, which results in relatively high integration cost for Service Providers; opportunities limited to the «login request -> response» flow. Trends in consumer markets (Facebook, Google, Twitter, LinkedIn, Salesforce): from enterprise protocols towards APIs / REST and OAuth. Providers need to offer APIs and third-party integration anyway: OAuth. Easy to establish a simple authentication protocol (userinfo) on top of that: OpenID Connect. Built-in support for cross-federation (eduGAIN, Kalmar) and guest users.
  • 9. Groups and roles API Service. Base layer: builds groups from Feide attributes. Connector to FS: courses, study programmes and more. Support for ad-hoc groups: anyone can create groups for their collaboration needs; cross-organizational groups. Support for custom external connectors to an institution's authoritative source of group data. Diagram labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide; Feide Connect (Groups, people search, storage, activity str., API authz); FS; Ext Connectors; AdHoc.
  • 10. Ad-hoc group management front-end
  • 11. People Search. Separate People Search API. Authenticated API. Also available as a JS library and as a Federated Widget. Relies on already public information. Better user experience to search for real user names than to add user IDs.
  • 12. Model for groups. Super-simple, but extensible, information model. Protocol for: retrieving the list of groups for the current user (from FeideID); retrieving the list of members of a given group (from groupID).
  • 13. Extended model. Standardization per group type for extended properties.
  • 14. Subscriptions. Content associated with public groups. Users may subscribe.
  • 16. Activity Streams. Generic information model. Activities posted to one or more groups. One activity stream per group. Diagram labels: User interfaces; WebApp frontend; Widgets; Mobile app frontend; API.
  • 18. Notifications. The most important activity updates. Email and mobile push notifications. Personal preferences.
  • 20. Open Data. Universities show increasing interest in sharing their data using APIs. This motivates growth of new, innovative and better services for employees and students. Privacy is very important! It is complex to provide an authentication model for delegated access to personal data.
  • 22. Registration of new clients. Third parties register new clients and request access to API scopes.
  • 23. Managing clients: trust; scope management; statistics; authorization workflow.
  • 24. API Authorization workflow. API owner grants access to new clients. Clients are bound to authenticated users / organizations.
  • 25. Users accessing clients is handled through Feide login. The platform will make sure end users accessing the clients are authenticated (using Feide).
  • 27. Client has obtained a token, and can access «Feide Connect» services, such as: user info, groups, activity streams.
  • 28. International Collaboration. Any student or employee in Europe should be able to log in with their local credentials through the platform. Established cross-federation connections through eduGAIN and Kalmar. Collaboration on harmonizing group definitions and exchange protocols with other countries. Collaboration through GÉANT, Terena. Nordic collaboration through NordForum? Standardization: OAuth, OpenID Connect, SCIM, OpenSocial, ActivityStreams, Misc W3C.
  • 29. For discussion. Identifier for mapping of users: userID, FeideID, studentID, national identity number, etc. Which types of groups, and possibly roles. Agreements, and access during the development phase. Source of the data: WS vs database. Lookup speed. Collaboration, UNINETT <-> FS.
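
The workflow on slides 22 to 27 (a third party registers a client and requests API scopes, the API owner grants access, and a client used by a Feide-authenticated user obtains a token) is modelled below as an added sketch; it is not Feide Connect code. The class, method and scope names, and the `univ-a` API owner, are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field

# Constructed sample data: scope -> owner of the API behind that scope.
API_OWNERS = {"userinfo": "feide-connect", "groups": "feide-connect",
              "activity": "feide-connect", "grades": "univ-a"}

@dataclass
class Client:
    owner: str                        # authenticated user/org the client is bound to
    requested: set
    granted: set = field(default_factory=set)

class AuthzManager:
    def __init__(self, api_owners):
        self.api_owners = api_owners  # scope -> API owner allowed to approve it
        self.clients = {}
        self.tokens = {}              # token -> (client_id, user, scopes)

    def register(self, client_id, owner, scopes):
        """A third party registers a client and requests API scopes."""
        unknown = set(scopes) - set(self.api_owners)
        if unknown:
            raise ValueError(f"unknown scopes: {sorted(unknown)}")
        self.clients[client_id] = Client(owner, set(scopes))

    def grant(self, approver, client_id, scope):
        """Only the owner of the API behind a scope may approve it."""
        client = self.clients[client_id]
        if self.api_owners.get(scope) != approver:
            raise PermissionError(f"{approver} does not own scope {scope}")
        if scope not in client.requested:
            raise ValueError("scope was never requested by this client")
        client.granted.add(scope)

    def issue_token(self, client_id, user, scopes):
        """Issue a token for a user assumed to be authenticated via Feide login.
        The token carries only scopes that are both asked for and granted."""
        client = self.clients[client_id]
        token = secrets.token_urlsafe(32)
        effective = frozenset(set(scopes) & client.granted)
        self.tokens[token] = (client_id, user, effective)
        return token

    def allowed(self, token, scope):
        """API-side check: unknown tokens and ungranted scopes are denied."""
        entry = self.tokens.get(token)
        return entry is not None and scope in entry[2]
```

A scope that was requested but never approved by its API owner is silently dropped from the token, so the API-side check denies it even though the client asked for it.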