InAcademia adds support for AARC IdP Hinting
Using InAcademia and its IdP Hinting feature to validate that a user is a student or otherwise member of the academic community allows the user to quickly and easily navigate to its home institution for authentication.
Our What is IdP Hinting blog explains that Merchants using InAcademia have the option to either use our central Discovery Service, where the user can easily search for its own institution from a pre-populated search facility, and that alternatively Merchants can embed InAcademia’s IdP Hinting feature into a UI and workflow. IdP Hinting allows a merchant to route a user directly to its home institution for verification, where InAcademia will then assess whether the user meets the required criteria, returning a validation result to the merchant’s OpenID Connect Provider. An added attribute of the IdP Hinting feature is that it provides a readily available feed of participating institutions, structured by country, from which merchants can create their own interactive search UI, and even map institutions in their internal databases to the related identity provider for specified institutions.
The IdP Hinting feature has been successfully used by merchants since the launch of the service but, since version 3.3.0, Merchants using InAcademia now have the added benefit of being able to use a URL-encoded entityID* by way of an OpenID Connect parameter called the aarc_idp_hint** instead of a sha-1 hash, as was the original design (which will be deprecated later this year).
This new and updated method leverages an element of the AARC Blueprint Architecture, which defines a portable and technology-agnostic way to allow services to receive hints about which Institutional Identity Provider to direct the user to, greatly simplifying the process for the end user and further demonstrates InAcademia’s close relationship with the academic community. AARC provides guidelines, policies and architectural blueprints so that research collaborations and e-infrastructures can implement and provide interoperable solutions.
If you’d like to learn more about the IdP Hinting feature, please visit:What is IdP Hintingor if you’d like to talk with someone about InAcademia or how it uses the AARC guidelines, please contact us.
*the unique URI for an institution’s SAML metadata that is announced to the eduGAIN interfederation via membership of a national academic identity federation.
**A specification for IdP hinting (AARC-G049), published 2019-03-11