What is eduGAIN and what is it for?

What is eduGAIN, an Identity/Service Provider platform under the GEANT Consortium

eduGAIN provides an efficient, flexible way for participating federations, and their affiliated users and services, to interconnect

More than 2,600 identity providers worldwide.
1,800 service providers.
More than 55 federations in the process of joining.

Today, online services are crucial for research and education. Students, teachers, researchers and institution staff rely on them for collaboration through many web services. This can be for e-learning, tea​ching and conferencing, analysing and sharing data, accessing journals and libraries etc. Enabling easy and convenient access to users is a key part of delivering a service. Service providers do not want the headaches associated with issuing passwords to users, and the user does not want yet another password.

With just one trusted identity provided by user’s institution as part of an identity federation participating in eduGAIN, users can access services from other participating federations. Even better, it works with single sign-on (SSO), so that user needs to login only one time during a browser session.

R&E identity federations are typically deployed on a national level and use different architectures, systems and policies. eduGAIN enables identity federations to interconnect, so that participating institutions and services can collaborate without the need to establish individual bilateral connections.

The worldwide influence and validity of the Federation.

An identity federation (or just federation) is a collection of organizations that agree to interoperate under a certain rule set. This rule set typically consists of legal frameworks, policies and technical profiles and standards. It provides the necessary trust and security to exchange identity information to access services within the federation.

Some federations also distinguish the organisations that participate. Often there are federation members (e.g. universities and research institutes), which operate services and provide identities, and federation partners (e.g. commercial companies that offer services to higher education users), which only operate services.


Why People Choose Our Education

Shibboleth is one of the most widely used identity management systems in the world. After emerging as an Internet2 middleware activity in 2000, it was quickly adopted by academic institutions, identity federations, and commercial organisations all over the world.
The product that provides secure and seamless access to protected online resources and applications.

With just one identity, a user can securely sign into a variety of systems while keeping management free from the burden of maintaining a collection of usernames and passwords. As an open-source project, all Shibboleth software is free and accessible to all and support is widely available through active community forums.

KION provides services as a SP (Service Provider). It also produces solutions for your institutions as IdP (Identity Provider).

Identity Providers of National Identity Federation Members can produce/publish many attributes according to their needs. However, it should be able to produce/publish a core set of attributes in order to avoid any problems when using services within National Federation or between federations (eduGAIN).

eduPersonTargetedID/persistentID – Unique, persistent, opaque and targeted identifier of the user.
eduPersonPrincipalName – Unique, persistent identifier of the user.
displayName – Name and Surname of the user.
commonName – Name and Surname of the user. Could be multi-valued but it is recommended to have only one value.
mail – User’s personal eMail address.
eduPersonAffiliation, eduPersonScopedAffiliation – See the Controlled Vocabolaries. Multi-valued.
schacHomeOrganization, schacHomeOrganizationType – See the Controlled Vocabolaries.

It does not matter to us in which database you keep your identity information. We provide solutions for all infrastructures listed below.

What are our LDAP solutions?
Active Directory (AD)
Azure AD
GSuite (Google LDAP)
Multiple AD/OpenLDAP
mySQL , msSQL
Customizable Web Service

Catch up the eduGAIN standards with KION Solutions.


Identity Providers


Service Providers