How can I manage my service connected to LS Login as a Relying Party manager?

All existing ELIXIR AAI relying services will still use the same workflow and will be managed via the SPreg application

For registering and managing the newly registered service to LS Login please follow instructions here.

When and how will my service be migrated to LS Login?

Each service will be approached separately. You will be contacted by ELIXIR AAI operators, who will guide you on how to perform the migration.

However, it should be an easy process. You will register the service into LS Login by accepting the Life Science AAI’s Terms of Use, update your service’s the technical configuration (endpoints, metadata, …), and migrate to using LS IDs instead of ELIXIR IDs.

How can I integrate a new service into LS Login so it can be used by the ELIXIR community?

Services, which integrate into LS Login, are automatically usable by any of the LS Login users. If you want to limit the access to some users only, separate configuration in the LS Login has to be set up.

How will I manage my service’s registration in LS Login?

Registration of a new relying service is done via filling the web-based form, which asks the service manager for all information LS Login needs to know about the service to be set on the test environment. An exception is a service with special requirements (advanced functionalities).

Please follow instructions here for details: lifescience-ri.eu/aai/service-providers

What is the relationship between LS Login and EOSC-Life?

EOSC-Life is a project that brings together the 13 Life Science ‘ESFRI’ research infrastructures (LS RIs) to create an open, digital and collaborative space for biological and medical research. LS Login is a service that the EOSC-Life project has developed and launched.

Can we create a test account?

All Life Science IDs are personal accounts bound to the Acceptable Usage Policy. You can create multiple Life Science IDs but you are personally responsible for the accounts and e.g. must not share your credentials.

Hostel requirements for password strength?

The password must be conformant with the  REFEDS Single Factor Authentication profile

Particularly, the password must:

  • be at least eight characters long

  • contain at least one lowercase letter [a-z]

  • contain at least one uppercase letter [A-Z]

  • contain at least one digit [0-9]

  • contain at least one special character [#^@$!%*?&:.()[]{}]

Is LS Login supporting MFA? (Multi-Factor Authentication)

In an initial launch, Multi-Factor Authentication will be available only for existing ELiXIR services, which have not yet migrated (technically) to the Life Science Login. In the meantime, LS Login will deliver its own solution for providing and operating components providing the functionality.

In case you want your service to use MFA, please contact us when registering your service on support@aai.lifescience-ri.eu and specify this requirement, that your service will be using MFA. 

How to set up a separate Acceptable Usage Policy for my service in LS AAI?

Please contact us on support(at)aai.lifescience-ri.eu

Users get a “State information lost” error when trying to log in to a service via LifeScience login. Is there anything we can do?

This issue seems to be closely tied to services using SimpleSAMLphp as their login technology. As a first step, you can upgrade the version of SimpleSAMLphp you are using. If that does not help, we advise trying to reconfigure cookie settings in the software (domain, lifetime, HTTP to HTTPS hopping). Official information on the issue from the software developer can be found at https://simplesamlphp.org/docs/1.19/simplesamlphp-nostate.html

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 654248 and from the European Union’s Horizon 2020 programme under grant agreement number 824087.