Sie zeigen eine alte Version dieser Seite an. Zeigen Sie die aktuelle Version an.

Unterschiede anzeigen Seitenhistorie anzeigen

« Vorherige Version anzeigen Version 4 Nächste Version anzeigen »

ACOnet operates the ACOnet OpenIDPa self-service SAML Identity Provider for members and guests of ACOnet participants. This service is open to everyone needing to access federated resources from eduID.at members who is lacking credentials at a SAML IDP known to the relevant service.

Registration of an ACOnet OpenIDP account only provides a means to authenticate. Use of this service does not imply access to any specific resource or service, as this remains the service owner's sole responsibility. Likewise, service owners are reminded that successful authentication at any [inter-]federated SAML IdP should not necessarily be equated with successful authorization. Always protect your resources with proper access rules based on attributes provided (such as eduPersonScopedAffiliation) unless your service is in fact open to everyone & everything that can self-register an account and authenticate.

The prime purpose of the ACOnet OpenIDP is to allow service owners to offer their resource to their whole intended community, whether or not all members of that community already have access to a SAML Identity Provider. This removes the need for service owners to also implement local or alternative authentication methods within their resource (leading to password management and "password forgotten" support at the service), in addition to federated access via SAML. As such the ACOnet OpenIDP is part of the eduID.at Metadata, together with all other Identity Providers within eduID.at.

Services known to accept ACOnet OpenIDP identities

If you have an account at a eduID.at member institution always use your institutional account instead of registering a new one at the OpenIDP. Save yourself the additional registration step, creating and remembering Yet Another username and password. An OpenIDP account will not give you any additional rights or permissions.
If you already have registered an OpenIDP accounts unnecessarily please contact the owner of the service you used it with (not ACOnet, who cannot help here) and ask them to transfer your user data to your institutional account.

These services are known to externalize their credentials management to the ACOnet OpenIDP, so they don't have to manage, keep secure and support passwords themselfs:

  • USI-Wien Kursanmeldung: The University Sports Institute (USI) at Vienna University implements online registration for its many sports courses via eduID.at. Since not all Austrian institutions whose members are eligible for USI courses currently participate in ACOnet or eduID.at those subjects can register an account at OpenIDP once, and use that for online registration at USI as long as desired.
  • u:book is a federated service by University of Vienna allowing members of participating academic institutions in Austria to buy quality mobile computers at reduced prices, in addition to supporting services (such as software downloads and installation or mobile phone or data contracts).
  • Training Courses by the Computer Center and Human Resources Development departments at the University of Vienna. Some of these are open to the general public and so need a method for people outside the eduID.at membership (or even ACOnet constituency) to register for courses online. Authorization in these cases happens by payment of the course fee, so (self-asserted) attributes or identity vetting are not of prime importance.
  • Keine Stichwörter