CAF Newsletter: January 2018

CANARIE is pleased to announce the addition of ADFSToolKit functionality to the Canadian Access Federation (CAF) Federated Identity Management (FIM) service. CANARIE and its partners have been working on a set of tools to augment existing ADFS Identity Provider installations. This set of tools is published by CANARIE as a Powershell module called ADFSToolkit, in the Powershell Gallery hosted by Microsoft. The toolkit allows an existing ADFS Identity Provider to have an additional option for participation in the FIM service.

The key items enabled by the ADFSToolkit are:

  • Retrieval and signature verification of the CAF FIM service trust records
  • Ingestion of the entities into ADFS using the one-at-a-time trust relationship paradigm
  • Automatic setting of attribute release policies for entity categories
  • Site-specific additions of attribute releases on a per service basis
  • Ability to set a scheduled job to keep current with the CAF FIM service trust records on an hourly basis
  • Ability to better diagnose problems

If you have any questions regarding the ADFSToolKit and how it impacts your CAF and FIM services, please message us at [email protected].

Tech Talk Hours Announcement

The CANARIE CAF team will be hosting a weekly, informal, one-hour, technical call for Canadian university and college IT departments to talk with the CANARIE team about Canadian Access Federation services, such as FIM and eduroam.

These Tech Talk calls, or “Office Hours”, will take place on Thursdays from 1-2 PM EST, starting the week of February 5th.

If interested, simply click on this link each week, anytime during the Tech Talk hours.

Program Updates

  • Through a partnership with eCampusOntario that leverages CAF’s sizeable reach within the province, services are now available to all students, faculty and staff of Ontario universities and colleges. The FIM service enables easy single sign-on and secure access to, using your institution’s user ID and password. Learn more from CampusOntario’s announcement.
  • The Canadian Access Federation will be performing feasibility studies for the implementation of eduroam guest services later this year. The “Guest services” create secure, temporary guest wifi access to those visiting institutions. Please watch for more announcements.
  • As eduroam connectivity grows, we are happy to highlight that there has been over one million eduroam sign-ons in a single day for institutions authenticated through CANARIE.

International Partner Highlights

  • InCommon, our federated identity partner in the United States, created a great article regarding the baseline expectations of trust from a federated identity service provider. It can be found here.
  • The Australian Access Federation (AAF), our federated identity partner in Australia, has developed a video outlining in detail the ORCID Connect and Collect Program. It’s worth watching.