XSEDE Capability Delivery Plan for "IDM-16: Obtain affiliated institutions when an individual logs in to a service"

Use Case IDM-16: Obtain affiliated institutions when an individual logs in to a service

Area: Account Management
URLs: Review

Executive Summary: A campus IT administrator or service provider needs to obtain affiliated institutions when individuals login to a service so the service provider can track usage by consortium or other groupings of institutions.

First CDP: 2019-10-02
Current CDP: 2020-05-04
Current Implementation Status: 
Time & Effort Summary: 

XSEDE's Web SSO service (Globus Auth) satisfies this use case fully and the documentation specifically addresses how to do this. No further work is planned at this time.

Significant Revisions:
This capability is currently supported by the following 2 components:
Component User facing? Component’s role in the capability
Globus Auth yes Globus Auth is XSEDE's Web Single Sign-On (SSO) service. Applications that use Globus Auth for logins can access the user's organization affiliation data. The affiliation data comes from the user's XSEDE user profile and from any non-XSEDE identities (e.g., campus ID) that the user has linked to his/her XSEDE identity.
Globus Auth ID Explorer yes The XSEDE Globus Identity Explorer web application provides a helpful view of the identity data returned by Globus Auth. Application developers can use this application to see what the identity data returned by Globus Auth looks like.