«Feide Connect»
Next generation service platform for advanced services
and collaboration services for higher education.

Andreas Åkre Solberg
andreas.solberg@uninett.no
Once upon a time
Web Single Sign-On with Feide was sufficient to provide
a seamless user experience across services.

Collaboration on Internet
✤ Dynamic working groups spanning multiple organizations work together using digital collaboration tools:
✤ A wiki
✤ Document sharing tool
✤ Meeting planner and calendar
✤ A web meeting tool
✤ A web forum or mailing list

Authentication
Feide based upon SAML 2.0
Rather complex, which results in relatively high integration cost for Service Providers.
Limited opportunities to the «login request -> response» flow.

Trends in consumer markets (Facebook, Google, Twitter, LinkedIn, Salesforce)
From enterprise protocols towards APIs / REST and OAuth
Providers need to offer APIs and third-party integration anyway; OAuth
Easy to establish a simple authentication protocol (userinfo) on top of that
OpenID Connect
Built-in support for cross-federation (eduGAIN, Kalmar) and guest users.

October 23, 2013

Feide Connect
New architecture

API-based instead of SSO-flow
OAuth + authentication
Makes use of Feide (without changes)
Offers additional services
Better support for mobile, desktop etc.
API Authorization Management
Extremely simple integration for Service Providers
Low bar of entry (for students, non-commercial, etc.)

[Architecture diagram. Labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide; Feide Connect; groups; people search; storage; aktivitetstr; API authz; Service backend API]

Groups and roles

API Service
Base layer: builds groups from Feide attributes
Connector to FS: courses, fields of study and more.
Support for Ad-Hoc groups
Anyone can create groups for their collaboration needs. Cross-organizational groups.
Support for custom external connectors to an institution's authoritative source of group data.

[Architecture diagram. Labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide Connect; Feide; Groups; FS; people search; storage; aktivitetstr; API authz; Ext Connectors; AdHoc]

Ad-hoc group management front-end

People Search
Separate People Search API
Authenticated API
Also available as a JS library
And as a Federated Widget
Relies on already public information
Better user experience to search for real user names than to add userids.

Activity Streams
One activity stream per group.
Generic information model
Activities posted to one or more groups
User interfaces: WebApp frontend, Mobile app frontend, Widgets
API

[Figure: sample activity entries, such as a new meeting being scheduled and a new user being added to the group.]

Notifications
The most important activity updates
Email and mobile push notifications
Personal preferences

Federated Widgets

Embed content on remote site
Challenge:
secure environment
authentication
adopt context

Widgets adopt context
Widgets in a separate security domain
Communicates with the surroundings
Harmonized references: activities, users and groups, as well as time and location.

[Figure: widget for a web meeting using Adobe Connect, with a «Join meeting» action.]

Feed Widget
Shows an aggregated feed of activities for the currently selected group across all collaboration tools.

Share Widget
Can be easily integrated anywhere. Will share a link to the current web page to the activity stream for the current user in a selected group context.

Open Data

Universities show increasing interest in sharing their data using APIs.
Motivates growth of new, innovative and better services for employees and students.

Privacy very important!
Complex to provide an authentication model for delegated access to personal data.

API Authorization Management

Registering a new API Gatekeeper

Managing an API
› Trust
› Scope management
› Statistics
› Authorization workflow

Public API Information Page
› OAuth connection details
› Link to register and request access

Registration of new clients
Third parties register new clients and request access to API scopes.

API Authorization workflow
API owner grants access to new clients.
› Clients bound to authenticated users / organizations

The platform will make sure end users accessing the clients are authenticated (using Feide).
API owner does not have to think about Feide.

API Authorization Dialog

Feide Connect establishes a trusted channel with your API
› Adds information in HTTP headers, with
  › User info
  › Groups
  › Client info and scopes
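
A backend behind such a gatekeeper can rely on the injected headers only when the request demonstrably arrived over the trusted channel. The sketch below is an added example, not Feide Connect code: the header names, the HTTP Basic credential that authenticates the gatekeeper, and all sample values are assumptions made for illustration.

```python
import base64
import hmac
from dataclasses import dataclass

# Hypothetical header names and credential. The slides only state that user
# info, groups, and client info/scopes arrive as HTTP headers.
H_USER, H_GROUPS = "x-gk-userid", "x-gk-groups"
H_CLIENT, H_SCOPES = "x-gk-clientid", "x-gk-scopes"
GK_USER, GK_SECRET = "gatekeeper", "constructed-demo-secret"


class Rejected(Exception):
    """The request must not be served; .status is the HTTP status to return."""
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status


@dataclass(frozen=True)
class Caller:
    user_id: str
    groups: frozenset
    client_id: str
    scopes: frozenset


def channel_is_trusted(headers):
    """True only if the peer presented the gatekeeper's Basic credentials."""
    scheme, _, blob = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return False
    user, _, secret = decoded.partition(":")
    # Constant-time comparison avoids leaking how much of the secret matched.
    ok_user = hmac.compare_digest(user.encode(), GK_USER.encode())
    ok_secret = hmac.compare_digest(secret.encode(), GK_SECRET.encode())
    return ok_user and ok_secret


def split_list(value):
    """Parse a comma-separated header value into a set of non-empty tokens."""
    return frozenset(t.strip() for t in value.split(",") if t.strip())


def authorize(raw_headers, required_scope):
    """Return the Caller described by the gatekeeper headers, or raise Rejected."""
    # Header names are case-insensitive; two spellings of one name are ambiguous.
    headers = {k.lower(): v for k, v in raw_headers.items()}
    if len(headers) != len(raw_headers):
        raise Rejected(400, "duplicate header names differing only in case")
    if not channel_is_trusted(headers):
        # Identity headers from an unauthenticated peer are caller-controlled
        # input, so they are never read on this path.
        raise Rejected(401, "request did not arrive through the gatekeeper")
    user_id = headers.get(H_USER, "").strip()
    client_id = headers.get(H_CLIENT, "").strip()
    if not user_id or not client_id:
        raise Rejected(400, "gatekeeper headers incomplete")
    caller = Caller(user_id, split_list(headers.get(H_GROUPS, "")),
                    client_id, split_list(headers.get(H_SCOPES, "")))
    if required_scope not in caller.scopes:
        raise Rejected(403, "client was not granted scope " + required_scope)
    return caller


def basic(user, secret):
    return "Basic " + base64.b64encode(f"{user}:{secret}".encode()).decode()


# Constructed sample requests (all identifiers are made up).
IDENTITY = {
    "X-GK-UserId": "alice@example.org",
    "X-GK-Groups": "course:inf101, adhoc:wiki-editors",
    "X-GK-ClientId": "timetable-app",
    "X-GK-Scopes": "timetable.read, groups.read",
}
VIA_GATEKEEPER = {"Authorization": basic(GK_USER, GK_SECRET), **IDENTITY}
FORGED_DIRECT = dict(IDENTITY)  # same identity headers, no channel credential
WRONG_SECRET = {"Authorization": basic(GK_USER, "guess"), **IDENTITY}


def demo():
    cases = [("via gatekeeper", VIA_GATEKEEPER, "timetable.read"),
             ("forged, direct", FORGED_DIRECT, "timetable.read"),
             ("wrong secret", WRONG_SECRET, "timetable.read"),
             ("scope not granted", VIA_GATEKEEPER, "grades.write")]
    out = []
    for name, hdrs, scope in cases:
        try:
            authorize(hdrs, scope)
            out.append((name, 200))
        except Rejected as exc:
            out.append((name, exc.status))
    return out


if __name__ == "__main__":
    for row in demo():
        print(row)
```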

Self-Service and Scalability

Priority #1

Everything is self-service
Well-designed authorization workflows. Focus on «one-click» grant, when moderation is needed at all.
Will run on HA infrastructure

International Collaboration

Any student or employee in Europe should be able to log in with their local credentials through the platform.
Established cross-federation connections through eduGAIN and Kalmar.

Collaboration on harmonizing group definitions and exchange protocols with other countries.

Collaboration through GÉANT, Terena and NordForum.

Standardization

OAuth, OpenID Connect, SCIM, OpenSocial, ActivityStreams, Misc W3C

Piloting with Institutions

Allow access to log in through Feide
Set up access for Person Search. Directory access
Register a set of test users with additional privileges
Integration with FS for groups and roles
Integration with external connectors
Testing of API authorization
Real-user testing of collaboration tools

Plans forward

To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 

Feide Connect

  • 1. «Feide Connect»: Next generation service platform for advanced services and collaboration services for higher education. Andreas Åkre Solberg, andreas.solberg@uninett.no
  • 2. Once upon a time: Web Single Sign-On with Feide was sufficient to provide a seamless user experience across services.
  • 3. Collaboration on Internet: Dynamic working groups spanning multiple organizations work together using digital collaboration tools: a wiki; a document sharing tool; a meeting planner and calendar; a web meeting tool; a web forum or mailing list.
  • 4.
  • 5. Authentication. Feide is based upon SAML 2.0: rather complex, which results in relatively high integration cost for Service Providers; opportunities limited to the «login request -> response» flow. Trends in consumer markets (Facebook, Google, Twitter, LinkedIn, Salesforce): from enterprise protocols towards APIs / REST and OAuth. Providers need to offer APIs and third-party integration anyway; OAuth. Easy to establish a simple authentication protocol (userinfo) on top of that. OpenID Connect. Built-in support for cross-federation (eduGAIN, Kalmar) and guest users. October 23, 2013
  • 6. Feide Connect: New architecture. API-based instead of SSO flow. OAuth + authentication. Makes use of Feide (without changes). Offers additional services. Better support for mobile, desktop etc. API Authorization Management. Extremely simple integration for Service Providers. Low bar of entry (for students, non-commercial, etc). [Diagram labels: Feide service; Mobile app; Web app; Third-party client / integration; Feide; Feide Connect: groups, people search, storage, aktivitetstr, API authz; Service backend API]
  • 8. Groups and roles: API Service. Base layer: builds groups from Feide attributes. Connector to FS: courses, study programmes and more. Support for Ad-Hoc groups: anyone can create groups for their collaboration needs. Cross-organizational groups. Support for custom external connectors to an institution's authoritative source of group data. [Diagram labels: Groups: FS, Ext Connectors, AdHoc]
  • 9. Ad-hoc group management front-end
  • 10. People Search: Separate People Search API. Authenticated API. Also available as a JS library and as a Federated Widget. Relies on already public information. Better user experience to search for real user names than to add user IDs.
  • 12. Activity Streams: One activity stream per group. Activities posted to one or more groups. Generic information model. API. User interfaces: WebApp frontend, Mobile app frontend, Widgets. [Diagram: sample activity entries, text not recoverable]
  • 13.
  • 14. Notifications: The most important activity updates. Email and mobile push notifications. Personal preferences.
  • 16. Federated Widgets: Embed content on remote site. Challenge: secure environment; authentication; adopt context.
  • 17. Widgets adopt context: Widgets in a separate security domain. Communicate with the surroundings. Harmonized references: activities, users and groups, as well as time and location.
  • 18. Federated Widgets [Screenshot: web meeting using Adobe Connect, with a «Join meeting» button]
  • 19. Feed widget: Shows an aggregated feed of activities for the currently selected group across all collaboration tools. Share widget: Can be easily integrated anywhere. Will share a link to the current web page to the activity stream for the current user in a selected group context.
  • 21. Open Data: Universities show increasing interest in sharing their data using APIs. This motivates growth of new, innovative and better services for employees and students. Privacy very important! Complex to provide an authentication model for delegated access to personal data.
  • 23. Registering a new API Gatekeeper
  • 24. Managing an API: Trust; Scope management; Statistics; Authorization workflow
  • 25. Public API Information Page: OAuth connection details; link to register and request access
  • 26. Registration of new clients: Third parties register new clients and request access to API scopes.
  • 27. API Authorization workflow: API owner grants access to new clients. Clients bound to authenticated users / organizations.
  • 28. The platform will make sure end users accessing the clients are authenticated (using Feide). API owner does not have to think about Feide.
  • 30. Feide Connect established a trusted channel with your API. Adds information in HTTP headers, with: user info; groups; client info and scopes.
  • 32. Self-Service and Scalability. Priority #1: Everything is self-service. Well-designed authorization workflows. Focus on «one-click» grant, when moderation is needed at all. Will run on HA infrastructure.
  • 34. International Collaboration: Any student or employee in Europe should be able to log in with their local credentials through the platform. Established cross-federation connections through eduGAIN and Kalmar. Collaboration on harmonizing group definitions and exchange protocols with other countries. Collaboration through GÉANT, Terena and NordForum. Standardization: OAuth, OpenID Connect, SCIM, OpenSocial, ActivityStreams, Misc W3C.
  • 36. Piloting with Institutions: Allow access to login through Feide. Set up access for Person Search. Directory access. Register a set of test users with additional privileges. Integration with FS for groups and roles. Integration with external connectors. Testing of API authorization. Real-user testing of collaboration tools.
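
For slide 30 (trusted channel, identity passed in HTTP headers), a sketch of the check an API backend behind the gatekeeper would make before relying on those headers. This is an added example, not Feide Connect code; the header names and the shared-secret channel check are assumptions, since the slides name neither.

```python
import hmac

# Assumptions (not from the slides): the header names, and a shared secret
# standing in for however the gatekeeper authenticates its channel.
GATEKEEPER_SECRET = "constructed-secret-for-this-example"
H_AUTH, H_USER, H_CLIENT = "x-gk-auth", "x-gk-user", "x-gk-client"
H_GROUPS, H_SCOPES = "x-gk-groups", "x-gk-scopes"


class Rejected(Exception):
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status


def _items(value):
    """Split a comma-separated header value into a set, dropping blanks."""
    return {part.strip() for part in value.split(",") if part.strip()}


def identity_from_headers(headers):
    """Return the caller identity, but only for requests from the gatekeeper."""
    h = {k.lower(): v for k, v in headers.items()}
    presented = h.get(H_AUTH, "").encode()
    # Identity headers are caller-controlled unless the channel is proven first.
    if not hmac.compare_digest(presented, GATEKEEPER_SECRET.encode()):
        raise Rejected(401, "not received over the trusted channel")
    user, client = h.get(H_USER, "").strip(), h.get(H_CLIENT, "").strip()
    if not user or not client:
        raise Rejected(400, "gatekeeper request lacks user or client info")
    return {"user": user, "client": client,
            "groups": _items(h.get(H_GROUPS, "")),
            "scopes": _items(h.get(H_SCOPES, ""))}


def authorize(headers, required_scope, required_group=None):
    """Enforce the scope granted to the client and, optionally, group membership."""
    ident = identity_from_headers(headers)
    if required_scope not in ident["scopes"]:
        raise Rejected(403, "client was not granted scope " + required_scope)
    if required_group is not None and required_group not in ident["groups"]:
        raise Rejected(403, "user is not a member of " + required_group)
    return ident


# Constructed sample request, as the backend would see it behind the gatekeeper.
SAMPLE = {"X-GK-Auth": GATEKEEPER_SECRET, "X-GK-User": "user-123",
          "X-GK-Client": "calendar-app", "X-GK-Groups": "group-a, group-b",
          "X-GK-Scopes": "read"}
```

The backend should also be unreachable except through the gatekeeper; the header check is a second line of defence, not a substitute for network isolation.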