Federated Identity Management (FIM)

Canada’s research and higher-ed institutions trust the Federated Identity Management (FIM) service to securely connect students, staff, and faculty to global resources – using a single, secure digital identity.

FIM makes it possible for students and researchers to use their home institution’s login credentials to securely connect to more than 2,900 global services, resources, and scientific facilities.

A single set of login credentials…a world of access.

 

FIM is available to all institutions that participate in the Canadian Access Federation (CAF) and to providers of content, resources, and services for students and researchers. To connect Canadian students and researchers to the world, CANARIE connects to other national identity federations through eduGAIN, an interconnection of national federations.

For Students, Staff, and Faculty

FIM is how you prove your academic identity to access:

  • Datasets from research libraries at the other university in your city or anywhere in the world
  • High performance computing resources to run your data models
  • Global research collaboration platforms
  • Scientific instruments and tools
  • Academic journals and discussion papers

Just as you might use your webmail, social media, or banking credentials to access online services, FIM lets you use your academic credentials to securely access resources that are restricted to the research and education community.

Through a global network of identity federations that serve the research and education community, your single set of credentials is your passport to a world of resources.

How do I access FIM?

If your institution already participates in the Canadian Access Federation and has implemented FIM, there is nothing for you to do! You’re likely already using your credentials to access online resources, while FIM works the magic in the background.

If your institution is not yet in CAF, ask your IT department to consider participating. Our team is happy to help them every step of the way.

For Providers of Content, Resources, and Services
FIM simplifies the roll-out and management of services.

 

If you serve the research and higher education sector, enabling FIM can give you access to more than 27 million students and researchers around the world. Instead of configuring authentication methods for every school or every country, implementing FIM into your service is a single process that works across this sector throughout the world.

Just as applications allow users to sign in using webmail, social media, or banking accounts, you can secure access to your content and services for those with academic credentials from specific institutions.

How do we implement FIM?

The first step is to join the Canadian Access Federation (CAF). As a service provider, there is no cost for you to join. Once you’ve approved as a CAF participant, our team is happy to help you implement FIM across your services.

For IT Departments

Join more than 3,600 higher education and research institutions around the world that have implemented federated identity management services to simplify the access of their students, staff, and faculty to academic resources.

By implementing FIM, you confirm the academic identity of your students, staff, and faculty through the login credentials you’ve assigned them, enabling them to access a global catalogue of academic resources that’s critical to their work.

And if you’ve already implemented eduroam, implementing FIM will make it possible for you to take advantage of our newest service, eduroam Visitor Access.

How FIM Works

  1. A student or researcher attempts to access an online service, e.g. research dataset or journal.
  2. The service redirects the login request to the user’s home institution and requests a set of attributes (e.g. full name, email address, etc.) about the user.
  3. The home institution validates the user, and in compliance with its privacy policy, securely sends a set of attributes about the user back to the service.
  4. Based on the validation and the attributes it receives, the service allows or denies access to its resources.

FIM is easy to deploy for institutions of all sizes.

 

We’ve made it easy to start your implementation, thanks to IdP Installer, a tool that auto-installs and configures the software you need to connect your institution’s identity management system to the FIM service. IdP Installer will simplify your configuration and deployment and minimize the impact on your IT resources.

If you participate in the Canadian Access Federation (CAF) and have deployed eduroam but not FIM, our team is here to help.

eduGAIN

CAF connects to over 65 identity federations around the world via the eduGAIN interfederation service. eduGAIN simplifies access to content, services, and resources for the global research and education community, connecting more than 5,000 research and education institutions and service providers.

Learn more about eduGAIN

Entity Categories

Entity Categories are an additional layer of trust that make it easier for institutions and service providers to enable rapid, scalable access to new resources for students and researchers. Each Entity Category defines a common set of user attributes that will be shared to enable access to services in that category.

Learn more about Entity Categories, including the Research and Scholarship Category

Security Incident Response Trust Framework (Sirtfi)

Sirtfi strengthens the security of participants in identity federations (like CAF) by coordinating security incident response across all organizations. To be Sirtfi compliant, organizations must confirm their compliance with a common list of assertions. Sirtfi compliance is an identifier to mark trusted partners within identity federations.

Learn more about Sirtfi

Case Studies

Learn about how Federated Identity Management (FIM) has helped Canadian and international research and academic institutions simplify access to scientific resources and shared services.

Check out our cases studies

Program News

October 23, 2017

Canadian students on the move rely on eduroam one million times a day

Read More

April 10, 2017

CANARIE Partners with Splunk to Offer Free Training and Certification to Research and Education Members

Read More

September 30, 2016

Let’s Talk About our Trust Issues

Read More