LS Login for Home Organizations
Access to LS Login services requires sometimes that the user has a confirmed affiliation with a home organisation (e.g. a university, research institution or private company). The preferred way for LS to learn the affiliation is by the user logging in to LS Login using the home organisation credentials and the home organisation releases programmatically to LS Login an attribute describing the affiliation (for instance, an assertion that they are a researcher at the university).
For technical and other reasons, not all home organisations support it. To integrate a custom-requested Identity Provider, a standardized procedure has been developed. This flow can be initiated either from the user of an Identity Provider or its operator or from the Life Science AAI operators. The procedure can be briefly summarized in the following steps:
- A contact between the Life Science AAI team and the Identity provider operator is established. A user/operator of the Identity Provider contacts the Life Science AAI support team via email support(at)aai.lifescience-ri.eu and requests the Identity provider to be added.
- Identity Provider sets up the Life Science AAI as a service-consuming authentication on the side of the Identity provider. This part is done by the requesting entity (saml metadata link)
- Life Science AAI operators set up the requested Identity Provider on the side of Life Science AAI as one of the login alternatives.
- Identity Provider user/operator demonstrates the integration works by logging into an attribute conformance check service (link) operated by the Life Science AAI using the integrated Identity Provider.
Please refer to Documentation