XSEDE Capability Delivery Plan for "IDM-11: Use an XSEDE identity for InCommon authentication"

Use Case IDM-11: Use an XSEDE identity for InCommon authentication

Area: Account Management
URLs: Public, Review

Executive Summary: A researcher wants to authenticate to a national CI service that accepts InCommon identities.

URLs: Public
First CDP: 2017-04-06
Current CDP: 2018-07-24
Current Implementation Status: 
Significant Revisions:
This capability is currently supported by the following 4 components:
Component User facing? Component’s role in the capability
Kerberos no Provides user password authentication
Multi-Factor Authentication (MFA) with Duo yes Provides second factor authentication
XSEDE Central Database (XCDB) no Provides user information (name, email address)
XSEDE InCommon Identity Provider (IdP) yes Allows users to authenticate with their XSEDE Kerberos/Duo credentials for access to services federated by InCommon. This IdP also allows XSEDE users to log in to CILogon with their XSEDE identities.