8

Completed activities

14

Ongoing activities

1

Pending ideas

The IAM4NFDI Incubator aims to develop, foster and mature new ideas in the field of identity and access management. The incubator will investigate new technologies that currently have no place (yet) in the services ecosystem of the IAM4NFDI project. This may include to test and experiment with potential new features for existing CAAI solutions. You can find more information about IAM4NFDI in our documentation.

The incubator runs six sprints per Incubator. These incubators typically take about 6 months and employ an agile methodology to enable rapid development of ideas. Preferably at least two subject matter experts work together with support from the project team. Subject matter experts are recruited from within the team. In addition, the project team facilitates the incubator track by providing a scrum master and dedicated developers. During the incubator project there is regular exchange between the project team and the selected CAAI solution. At regular intervals the project members will give a short update on the current state within a sprint demo meeting.

The Main Incubator Board (MIB) aims to represent a broad view on all developments in identity and access management within the different NFDI consortia. MIB members are project members of IAM4NFDI, experts from the different CAAI solutions and service stewards from BASE4NFDI. They evaluate new ideas and provide advice to the work package lead. They are also responsible for reviewing activities at the end of each incubator cycle and providing recommendations on how to proceed. The incubator team presents their results regularly to the the MIB's and the wider community. In the middle and at the end of a cycle there are two events public events, so called sprint demos.

Identity and Access Management (IAM) is about creating and managing digital identity for users, which can be used to represent a person in the digital world. Using state of the art authentication and authorization methods ensures that only the owner can access his identity and only entitled can access a resource. In this area, it is all about Identity Providers, Identity Federation, Service Providers and Discovery Services. Your project may improve existing software solutions or create new applications for a global community.
Building on top of existing infrastructure and applications, Standards and Protocols is about creating new ways to for applications and users to communicate. This area is all about protocols and standards used or being developed in the global Trust and Identity community, like the Security Assertion Markup Language (SAML) and Open ID Connect (OIDC), which will be used to integrate new capabilities in an already existing large infrastructure.
Security is an integral part of most applications and infrastructures. Ensuring data protection, privacy and safety by using measures like encryption and cryptography is nowadays mandatory. In this area, you may investigate, test and integrate new security features in existing Trust & Identity applications or to create new services that help secure our community, by working on for example multi factor authentication or HSM technologies.
Identity and Access Management deals with personal data, which requires adequate protection. The setup and operation of dedicated and secure infrastructre is therefore offered as one service within the IAM4NFDI project. Find more details [HERE](link to WP3 Document!)
Identity and Access Management solutions need to be integrated into Software the provides services to users, based on who the user is. Software services that do not yet support the federated access management are extended so they can make use of the information about the user to streamline user expierence and administration of the service.
Consultancy is often a first step to get the identity management of a consortium integrated with the NFDI-AAI. This includes topics from technical, legal, and architecture fields.

The service task operates and maintains the T&I services in the GÉANT project. The incubator works closely with the responsible service owner on activities that have an impact on an existing service. They are already involved in the selection of new activities to ensure that the topic is appropriately supported. Once the activity is completed, all results are handed over to the service owner, who will take care of further development.

Some of the Incubator's outputs are not handed over to a specific party, but are made available to the wider community. These are, for example, the results of studies and research that are published or software that is publicly released as open source. All results are publicly available and announced via the project's news channels to inform as many community members as possible.

In addition to the general R&E community, the Incubator sometimes works with external partners. These can be other communities, projects or groups that develop software products or provide services. Examples are institutions, individual NRENS or groups such as the Shibboleth Consortium.

Cycle 1
01 Feb 2024 - 31 Jul 2024
Cycle 2
01 Aug 2024 - 31 Jan 2025
Cycle 3
01 Feb 2025 - 31 Jul 2025
Cycle 4
01 Aug 2025 - 31 Jan 2026
Cycle 5
not yet determined
Cycle 6
not yet determined

The Incubator accepts proposals from all NFDI consortia as long as they are suitable to improve the identity and access management within NFDI. All kinds of innovative ideas are welcome, regardless of whether they are about new products, improving existing services or even completely disruptive. The format for submitting a proposal is designed to be as simple as possible. There is a "Call for Ideas" where anyone can submit their ideas. All you have to do is fill out the template and describe your own idea. New ideas can be submitted at any time, but there is a deadline before each cycle so that they can be considered for the next cycle.

Incubator Process Incubator Proposal Template


Activities

photo
Consultancy Running Cycle 2 NFDI4OBJECTS

WissKI

For the Scientific Communication Infrastructure (WissKI), the joint initiative of the Data Competence Centre SODa is planning to set up a didmos Community AAI Single Sign-On (SSO) system from DAASI as part of the IAM4NFDI incubator fund. WissKI-based services such as the WissKI Cloud and the Semantic Coworking Space (SCS) as well as the entire NFDI network will also benefit from this.

With the aim of creating a robust, compatible authentication and authorisation infrastructure (CAAI) for the WissKI-based infrastructure offerings, the open source didmos solution was selected due to its compatibility with dockerisation and its proximity to the GLAM and DH communities, in particular NFDI4Culture, NFDI4Objects and NFDI4Memory, and comprises the following work steps:

  1. Setting up a client in the central didmos instance
  2. Configuration of the NFDI AAI federation
  3. Configuration of the WissKI instances as clients

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 NFDI4CHEM

Terminology Services2.0

While our initial incubator proposal focused solely on the Terminology Service (TS), we soon realised that its requirements did not encompass the full spectrum of services within the NFDI4Chem consortium. Consequently, we expanded our approach to include the major services of NFDI4Chem in the Community AAI. Currently, in addition to the Terminology Service (TS), we are testing the Community AAI with Chemotion Repository, nmrXiv and COCONUT. We plan to integrate more services with the Community AAI in the future.

Goals

Our primary objective is to establish a unified AAI solution within a single consortium, enabling users to seamlessly access and utilise all available resources. In the second phase of the incubator project, we aim to integrate test instances of various services with the chosen CAAI. This will help us gather requirements that might necessitate modifications on both services and CAAI.

This will help us ensure that we meet our requirements of the majority of these services.

  • Support different logins both institutional and non-institutional. (Flexibility of customising the list)
  • Multiple account creation and linking
  • REST API with authentication code, so as to ease the maintenance of a service (for example during account deprovisioning, or movement of staff within the department)
  • Improve flexibility of creating LDAP servers (internal and external) and communication with its OIDC instance.
  • Facilitate both GUI and non-GUI based logins [optional]

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 NFDI4ENERGY

Open Energy Platform

With this incubator process, we (NFDI4Energy) want to commit to a specific CAAI solution, namely Reg-APP, and integrate it on the OpenEnergyPlatform (OEP). NFDI4Energy is committed in reusing already existing solutions and platforms. As a result, the OEP will serve as one of the main bases for further developments in Research Data Management in the Energy domain and will be a linking and collection point for further NFDI4Energy services.

The OEP currently consists of a simple local login (E-Mail and Password) based on basic services available through the python package Django with a PostgreSQL database and simple fronted technology (HTML, JavaScript, CSS). To add Reg-APP support we plan to use the django-allauth module, which supports SAML as well as OpenID Connect.

Goals

  • Integrate RegAPP on the OpenEnergyPlatform as the primary Authentication Service.
  • Transfer or map existing user accounts, since we plan to maintain the legacy login as well as the RegAPP login.
  • Operate the OEP and associated services under real environment conditions. As the OEP is a community service we think that a connection to the NFDI Infra proxy will not be necessary.
  • The served user base will be a mix of researchers, industry partners and society. As such an authentication method that is not based on the research infrastructure needs to be supported, as well.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 FAIRMAT

NOMAD Integration

We want to link NOMAD to the NFDI AAI. NOMAD is a web-based research data management (RDM) platform for material science. It integrates a data repository, Electronic Lab Notebook (ELN), and JupyterHub into a unified platform. It is the main service developed and offered by the FAIRmat consortium.

NOMAD uses Keycloak as a Single Sign-On (SSO) solution. We operate a single central instance that is used by all NOMAD installations and services. Currently, we only allow users to use NOMAD accounts that were created on this Keycloak instance. NOMAD uses Keycloak primarily for authentication since all rights are managed within the NOMAD application. Therefore, we currently do not see any need for (community) roles, attributes, or similar functionality within NFDI AAI.

Technically, we want to realise this integration either via OpenID connect or SAML depending on NFDI AAI capabilities. Since, NFDI AAI and Keycloak already support at least one shared protocol, the integration should be straight forward. Most of the work, will probably be dedicated to test the integration. We might need some assistance in configuring the connection via OIDC or SAML.

Goals

  • Integrate the NFDI AAI as an identity provider for NOMADs central Keycloak instance. This should allow users to login with their existing NFDI AAI identities. A large portion of the ~4000 existing NOMAD users are affiliated with research institutes and Universities in Germany and Europe. Therefore, many of the existing users and potential new users might already hold identities within the 4 proposed NFDI AAI solutions.
  • Simplify future integrations with other (NFDI) services (within the materials science community and beyond). For this it is necessary that services rely on a shared NFDI AAI solutions.
  • Evaluate the use of linking different identities belonging to the same individual user.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 NFDI4CAT

NFDI4CAT Repository

The NFDI4CAT community requires a central solution for the storage and exchange of experimental and simulation data to streamline research activities and support collaboration. To address this need, NFDI4CAT propose the deployment of a central repository using Dataverse. This repository will facilitate organisation, sharing, and archiving of research data within the community, ensuring efficient data management and accessibility. We would like to explore the possibility to use the NFDI Authentication and Authorisation Infrastructure Framework for the NFDI4Cat Dataverse repository. This will enable our repository users with seamless and secure access to their data.

Goals

  1. Incorporate the concepts of community and infrastructure proxy.
  2. Integrate NFDI AAI single sign-on for Dataverse for the NFDI4CAT community.
  3. Include all stakeholders (University, Non-University).
  4. Address any issues identified during testing to ensure a smooth and reliable user experience.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 NFDI4ING

File Transfer Service FTS

The File Transfer Service (FTS) is a Software that is developed by CERN and that specializes in easy, large scale data transfer. It allows the scheduling of transfers and results in a good utilization of the available bandwidth. We are currently setting up an FTS instance to enable users to transfer their research data between different endpoints, our research data management system, and the cluster.

Goals

As a result of the project, it should be possible to login through our community AAI solution at the FTS web-interface. This removes the need for client certificates. When granted permission to access FTS this way, an FTS user should automatically be created with basic transfer permissions. Users should also be able to view the Web Monitoring to see the status of their transfers, while administrators should be able to view the status of the overall service. Participants of this incubator are the project team members that implements this project. The communities that require a solution are researchers from different NFDI consortia that will use the FTS instance of the RWTH Aachen University to transfer their research data quickly and reliably.

  • The RegApp is connected to the FTS server instance of the RWTH Aachen University.
  • Generation of new FTS users is prompted by first-time access through the RegApp.
  • The Web Monitoring platform of the FTS instance, which is separate from the server, is connected to the RegApp.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 KONSORTSWD

Forum 4 MICA

The idea of the incubator proposal is to use the Forum4MICA as a pilot project to connect the consortium KonsortSWD to Community AAI.

Forum4MICA is a publicly accessible exchange and information platform on topics related to the data collections of the participating Research Data Centers (RDC). The online forum gives RDCs (currently 18) an additional option for communicating with their data users and interested persons. It enables the provision of specifically requested information on the research data provided.

As submissions and interactions are only possible for registered users, logins via NFDI-AAI would substantially improve the user experience and reduce effort.

Goals

  • Find out if an implementation of an IAM system in the consortia is possible and act as a demonstrator within KonsortSWD.

  • Connect the existing community service Forum4MICA to NFDI AAI.

  • Identify which possibilities exist to connect the service

  • Evaluate the transferability of the IAM results in this incubator to additional services. E.g. institutional repositories (e.g. at GESIS) require registration but have so far not expressed interest in joining IAM4NFDI For these providers this incubator would be a demonstration of the service’s capabilities.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 FAIRAGRO

FairAgro

FAIRagro is the NFDI consortium focussing on agrosystems research. FAIRagro will offer various services, such as a Nextcloud system, a Zammad-based helpdesk system, and the FAIRagro Search Portal. These services will be integrated with an Authentication and Authorisation Infrastructure (AAI) based on NFDI recommendations to facilitate usage.

Further services will be connected to the CAAI, including consortium-internal services and community services.

Goals

Link the existing FAIRagro services to the CAAI and develop a group and role concept to enable authorisation of different user groups. The integration process will involve the definition of groups and roles with regard to the consortium

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 DATAPLANT

DataPlant

The DataPLANT consortium develops and provides a wide range of services to support FAIR data science in plant biology. In the past, we have implemented our own IAM infrastructure but as our collaborations with other consortia and institutions continue to grow, we are in need of a broader IAM integration.

Our infrastructure needs to be connected to the larger IAM4NFDI system to allow users from both DataPLANT and other consortia to use our services. The DataPLANT user base needs to be integrated as a community identity provider. Authorisation decisions within the services should be derived from user attributes provided by the respective consortia identity providers.

Goals

  1. Integrate our identity provider with the IAM4NFDI system to allow DataPLANT users to easily connect to other NFDI services.

  2. Connect the IAM4NFDI infrastructure to our services to allow users from other consortia to use our services.

  3. Management of user attributes, their propagation across the service landscape and how we can use them to implement fine-grained authorisation policies based on entitlements, user affiliation and role, among other things.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 NFDI4ING

Coscine-2

Coscine is an open-source platform for research data management (RDM) and can be used by all researchers of every field. In context of the FAIR-principles the login to Coscine is already possible with an institutional account (Single Sign-On) or using ORCID.

One aim of this incubator proposal is the extended support of social login possibilities within our CAAI (RegApp). Furthermore, we would strive for the connection of accounts inside RegApp (e.g., ORCID with Single Sign-On). This would simplify the usage of Coscine because now the user needs to manually connect the accounts within the platform itself. As a further point of the anticipated work, we would see the supply of intersections for delivering of information by the home organisation as well as by the AAI. This would improve the transfer of roles which is needed because in Coscine different functionalities are linked to specific roles.

Goals

  • Enabling intersections in a decentralized way to get information from the Home Organisation as well as from the AAI Login about the roles which are given in Coscine.
  • Analysing in which context the definition of roles in the framework of NFDI and Coscine makes sense and in how far they need to be implemented (e.g. as Reviewer for Application Profiles).

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Infrastructure Running Cycle 2 GENERAL

Come2Data

Come2Data aims to close a currently existing gap in support regarding a large range of data issues, such as:

  • Data problems during any stage of the data life cycle (e.g. acquisition, management, analyses and publication)
  • Trainings to acquire data competencies.

To address these issues, we operate a help desk (level 1 support) and provide educational resources, such as certified trainings (after completion of the current funding period for establishing the centre). For very specific data problems, we have a database of specialists in the respective fields who will gain access to Come2Data resources once they serve as data experts for our helpdesk (level 2 support).

In order to run the centre, we plan to implement a systematic technical infrastructure, containing a WordPress CMS-based website, a triple-store knowledge base, and storage space for large data

We seek support for an AAI solution that integrates the institution-specific IDM solutions to grant selective access on various levels (see above). We furthermore look for a solution to work with users with educational or scientific institutional login as well as without such a login possibility.

Goals

We aim for a broadly available authorisation process to gain access to our services that implements the use of existing AAI-solutions.

For users who are not affiliated with any community providing an AAI-service, an alternative solution is required, e.g. to register for our trainings and gain access to course material. The overarching goal is to make our services available to a broad range of users from both academic and non-academic (e.g. industrial, general public) backgrounds.

Activity page
  • Results & Deliverables
    .
    Ownership & Utilisation

    .

photo
Consultancy Incomplete Cycle 1 NFDIXCS

NFDIxCS

The current startup phase of NFDIxCS is characterized to hammer out the detailed requirements for the NFDIxCS platform. A key of both areas – the platform and the RDMCs – need a profound, flexible and extensible way to use and manage identities, authentication and authorization methods for accessing the plarform and the RDMCs managed within the platform.

The goal of the incubator is threfore to explore the field of identity management methods and technologies which are available and in wide use in the community – primarily in the field of platforms for management and publication of research data in Computer Science but also in related scientific areas beyond CS. The result of this will  be a list of related methods and architectural requirements to use the methods in the NFDIxCS systems that are implemented in the future.

Activity page
  • Results & Deliverables
    No content provided.
    Ownership & Utilisation

    No content provided.

photo
Infrastructure Incomplete Cycle 1 TEXT+

Authorisation on Objects

Repositories in general need certain authentication and authorization functionalities for controlling import and export of data. It would be desirable, that an NFDI-wide IAM solution supports such AAI functions, as they are required by potentially all research data repositories across all disciplines.

We acceppt this challenge and use the TextGrid and DARIAH-DE Repositories as examples to implement such AAI functions, if as extension, integration or even overall management shall be subject to decision of the IAM4NFDI group.

Activity page
  • Results & Deliverables
    No content provided.
    Ownership & Utilisation

    No content provided.

photo
Consultancy Completed Cycle 1 NFDI4EARTH

Integration of NFDI AAI to Open edX

This Incubator Project focuses on integrating the NFDI Authentication and Authorisation Infrastructure (AAI) with Open edX. The primary goals are to gain an initial understanding of IAM4NFDI, test the usability and features of available Community AAIs, and determine the best Community AAI to use.

Three major steps

Authentication Process

  • Applied for OAuth-Client with three Community AAIs (Unity, RegApp, AcademicID), created a Flask app for testing authentication methods.
  • Integrated three Community AAIs into Open edX using Python Social Auth, with reusable Python classes for third-party authentication.

Virtual Organisations

Applied for admin accounts, tested UI handling, and examined the impact on authentication attributes.

Decision on CAAI

Compared three AAIs using a rating matrix, recommended one within the consortium, verified by an internal group, and finalised by the steering group.

Activity page
photo
Consultancy Completed Cycle 1 NFDI4CHEM

Terminology Service

The goal of NFDI4Chem is to have a unified AAI solution within a single consortium, enabling users to seamlessly access and utilize all available resources. From the incubator project, we aim to integrate test instances of various services with the chosen CAAI. This will help us gather requirements that might necessitate modifications on both the services and the CAAI front, ensuring that the needs of the majority of these services are met. Following comprehensive testing across all facets, the test instances of each service will transition into production. The list of services to be connected with CAAI includes the Terminology Service (TS), Chemotion Repository, nmrXiv, COCONUT and more.

Activity page
photo
Consultancy Completed Cycle 1 NFDI4CULTURE

NFDI4Culture

The current NFDI4Culture IAM plays a pivotal role as the central AAI/SSO backbone of the consortium. It accommodates approx. 400 user accounts and seven integrated services, thus contributing significantly to the consortium’s operational efficiency. Due to the implementation of DFN standards, the current IAM already exhibits a high degree of compatibility with the IAM4NFDI set of SAML attributes. The logical next step for NFDI4Culture is the integration of its IAM into the evolving CAAI architecture of IAM4NFDI.

The transition is based on a two-tiered process:

  1. On tier one (not part of the incubator), NFDI4Culture is going to cooperate with DAASI to migrate the existing IAM solution to the IAM4NFDI-compatible CAAI solution didmos.

  2. On tier two (which is the focus of this incubator proposal), the consortium is planning to connect up to three exemplary services from its portfolio to the new IAM4NFDI-compatible CAAI while focusing on the conceptualisation, implementation, and operationalisation of the relevant NFDI policies and the design of a consortium-wide Incident Response Management system. The technical aspects of the integration of the services mentioned above will be done by DAASI in tier one. DAASI will also act as interface between tier one and tier two.

Activity page
photo
Consultancy Completed Cycle 1 NFDI4HEALTH

FDPG - Analysing data from clinical care

The German Portal for Medical Research Data (FDPG) is the central point of administration for scientists conducting research projects with routine medical data from German universities.

The Medical Informatics Initiative (MII), which is funded by the Federal Ministry of Education and Research (BMBF), collects patient data and biosamples taken during routine care for medical research and processes them at data integration centres based in university hospitals. The data are then made available in accordance with data protection regulations.

The FDPG offers:

  • An overview of databases for cross-centre research the opportunity
  • To evaluate the feasibility of specific research questions using
  • Feasibility inquiries a standardised process for requesting data and
  • Biosamples an established contractual framework for simple data use
  • The central coordination of data provision the transparent
  • Presentation of research projects in the project registry

Activity page
photo
Consultancy Completed Cycle 1 MARDI

Minimal OIDC login

Numerous web platforms, such as MediaWiki, support the OpenID Connect (OIDC) protocol, allowing users to sign in using their existing accounts. While Google or ORCID accounts were previously used for logging in, this incubator project aims to facilitate logging in using accounts from NFDI institutions with minimal effort for users and administrators while ensuring maximum privacy.

The Germany National Mathematical Research Data Initiative (MaRDI, mardi4nfdi.de) utilizes MediaWiki as its software to establish a comprehensive portal for research data in mathematics and related fields. This platform shares general-purpose technology with the Wikimedia Foundation and extends its functionality to cater to the specific needs of the MaRDI consortium. A fundamental requirement voiced by mathematicians contributing their research data is to avoid the maintenance of additional accounts, making the reuse of their institutional accounts a practical choice. Furthermore, this approach effectively mitigates the risk of spam by disallowing anonymous editing.

Activity page
photo
Infrastructure Incomplete Cycle 1 NFDI4DATASCIENCE

ArgoCD

IAM4NFDI aims to connect and expand current and new IAM (Identity and Access Management) systems, allowing researchers from various fields and institutions to easily access digital resources in NFDI.

To achieve this goal, IAM4NFDI introduced Incubator Cycles to promote ideas and needs for the NFDI-AAI (Authentication and Authorization Infrastructure).

NFDI4DS successfully proposed such an incubator project. It is using ArgoCD as a prototype for implementing IAM solutions and will be realized at TU Dresden.

The TU Dresden data center has already set up a Kubernetes Cluster for NFDI4DS users. It provides a user-friendly GitOps solution, ArgoCD, to access the cluster. The main users of ArgoCD within NFDI4DataScience are providers of our services, such as repositories and computation services for the data science community.

The goal is to authenticate our ArgoCD users through Single Sign-On with their institutional credentials to

  • improve user experience
  • increase employee productivity by reducing the time they must spend signing on and dealing with passwords
  • achieve better access control
  • improve security

Additionally, we’d like to gain a comprehensive experience from connecting ArgoCD to NFDI’s community AAIs. This incubator project will share the lessons learned to leverage the A (Accessibility) and I (Interoperability) in FAIR.

Activity page
  • Results & Deliverables
    ArgoCD input is still missing
    ArgoCD input is still missing
    ArgoCD input is still missing

    Ownership & Utilisation

    Dont know what that mean - the service is > opensource.

photo
Infrastructure Completed Cycle 1 NFDI4ING

Coscine

Coscine is a platform for research data management. Coscine offers researchers:

  • Storage space: access to free storage space (depending on organisational affiliation)
  • Integration: Access to project-related data sources (e.g. research data repository, linked files, archived data)
  • Collaboration: Access for all project members
  • Metadata: Automatically linked to project data
  • Individuality: Project-specific metadata can be created as application profiles
  • Archiving: Archive research data on site

The metadata for research projects can be shared publicly on Coscine, made searchable and, in the long term, findable at national level. Coscine thus contributes to the goals of the National Research Data Infrastructure NFDI by making valuable scientific and research data accessible to the entire German scientific system.

Activity page
photo
Integration Completed Cycle 1 NFDI4ING

JARDS Attribute Queries in RegApp

At RWTH Aachen University, the JARDS platform is used by researchers to apply for resources such as storage space or computing time. The applications are assessed in a multi-stage scientific review process. After approval, researchers must be given access to the resource and be able to manage other project members. This requires information about approved projects in RegApp. The aim of this project is to enable attribute queries via the SAML protocol in RegApp and to set up a Shibboleth-based attribute authority that returns user data from JARDS. This demonstrates how external applications can be integrated into the Community AAI as attribute authorities.

Activity page
  • Results & Deliverables
    • Implementation of a generic Docker image that can be used to set up a Shibboleth-based attribute authority
    • Provision of an attribute authority for JARDS project data
    • Extension of the RegApp to support SAML attribute queries

    Ownership & Utilisation

    The code for the Docker image for an attribute authority is available under the Apache Licence 2.0. If you are interested, please contact jards-dev@itc.rwth-aachen.de.

photo
Infrastructure Completed Cycle 1 NFDI4ING

MetadataHub

MetadataHub allows access to various metadata stores developed in the NFDI. All operations from "Create" to "Search" can be performed on the metadata stores. There are two demonstrators for this, one showing the interfaces and the other providing a search across all metadata stores.

Activity page