FIM makes it possible for students and researchers to use their home institution’s login credentials to securely connect to more than 2,900 global services, resources, and scientific facilities.
Federated Identity Management (FIM)
A single set of login credentials…a world of access.
FIM is available to all institutions that participate in the Canadian Access Federation (CAF) and to providers of content, resources, and services for students and researchers. To connect Canadian students and researchers to the world, CANARIE connects to other national identity federations through eduGAIN, an interconnection of national federations.
For Students, Staff, and Faculty
FIM is how you prove your academic identity to access:
- Datasets from research libraries at the other university in your city or anywhere in the world
- High performance computing resources to run your data models
- Global research collaboration platforms
- Scientific instruments and tools
- Academic journals and discussion papers
Just as you might use your webmail, social media, or banking credentials to access online services, FIM lets you use your academic credentials to securely access resources that are restricted to the research and education community.
Through a global network of identity federations that serve the research and education community, your single set of credentials is your passport to a world of resources.
How do I access FIM?
If your institution already participates in the Canadian Access Federation and has implemented FIM, there is nothing for you to do! You’re likely already using your credentials to access online resources, while FIM works the magic in the background.
If your institution is not yet in CAF, ask your IT department to consider participating. Our team is happy to help them every step of the way.
For Providers of Content, Resources, and Services
FIM simplifies the roll-out and management of services.
If you serve the research and higher education sector, enabling FIM can give you access to more than 27 million students and researchers around the world. Instead of configuring authentication methods for every school or every country, implementing FIM into your service is a single process that works across this sector throughout the world.
Just as applications allow users to sign in using webmail, social media, or banking accounts, you can secure access to your content and services for those with academic credentials from specific institutions.
How do we implement FIM?
The first step is to join the Canadian Access Federation (CAF). As a service provider, there is no cost for you to join. Once you’ve approved as a CAF participant, our team is happy to help you implement FIM across your services.
FIM benefits organizations of all sizes.
Consider the CAF team as an extension of your team for identity and access management. We’re happy to discuss your needs and the best way to support you. From documentation to a dedicated Slack channel and hands-on technical support, we can help you with every aspect of your FIM implementation. If you have any questions, please reach out to us at: email@example.com.
If your organization already participates in CAF but have not yet implemented FIM:
For IT Departments
Join more than 3,600 higher education and research institutions around the world that have implemented federated identity management services to simplify the access of their students, staff, and faculty to academic resources.
By implementing FIM, you confirm the academic identity of your students, staff, and faculty through the login credentials you’ve assigned them, enabling them to access a global catalogue of academic resources that’s critical to their work.
And if you’ve already implemented eduroam, implementing FIM will make it possible for you to take advantage of our newest service, eduroam Visitor Access.
How FIM Works
- A student or researcher attempts to access an online service, e.g. research dataset or journal.
- The service redirects the login request to the user’s home institution and requests a set of attributes (e.g. full name, email address, etc.) about the user.
- Based on the validation and the attributes it receives, the service allows or denies access to its resources.
CAF connects to over 65 identity federations around the world via the eduGAIN interfederation service. eduGAIN simplifies access to content, services, and resources for the global research and education community, connecting more than 5,000 research and education institutions and service providers.
Entity Categories are an additional layer of trust that make it easier for institutions and service providers to enable rapid, scalable access to new resources for students and researchers. Each Entity Category defines a common set of user attributes that will be shared to enable access to services in that category.
Security Incident Response Trust Framework (Sirtfi)
Sirtfi strengthens the security of participants in identity federations (like CAF) by coordinating security incident response across all organizations. To be Sirtfi compliant, organizations must confirm their compliance with a common list of assertions. Sirtfi compliance is an identifier to mark trusted partners within identity federations.
Learn about how Federated Identity Management (FIM) has helped Canadian and international research and academic institutions simplify access to scientific resources and shared services.