In the digital era, the student, the teacher, the school administrator, etc., have to access several digital applications every day, which means them having to create and remember many usernames and passwords.
Federated Identity and the single authentication system (Single Sign On or SSO) are good solutions for these multiple account creations. Thanks to a single authentication, the user journey between different digital services is simplified and their use is therefore reinforced.
What is Federated Identity?
Federated Identity allows you to manage identities and accesses to confirm a user’s identity and their authorization for access to certain resources of the Information System.
Federated Identity involves 3 entities:
- The user who needs access to digital resources
- The digital service provider
- The identity of the provider
Federated Identity and SSO secure and simplify access to digital applications
The Federated Identity system is transparent for the user. With the SSO component, they use only a single username and password to access several digital applications.
The service provider frees itself from the management of user accounts with usernames and passwords: it is the user who manages their own account with a “lost password” system. The service provider can tailor the content they offer and control access to it depending on the user profile.
The identity provider adheres to a framework of trust for securing personal data and simplifying user access.
National identity providers, like EduConnect, allow the user to have a single account for digital services throughout their whole education. Even if there is a change of class, school or even Regional educational Authority.
Federated Identity applied to the world of education
The educational digital transformation specialist, Kosmos, offers a Federated Identity solution that is compatible with the current standard protocols, CAS, SAML2 and OpenId Connect, and provides inter-operability between all academic and national federated identity providers such as EduConnect and FranceConnect. These protocols are implemented using the Shibboleth software suite.
Our teams have assisted many educational stakeholders as a resource and/or identity provider:
- In primary and secondary education
- The BFC EMS: Federated Identity deployed across a territory via a digital workspace, providing access to many external services via a single account: internet portals of Regional Education Authorities and communities, LMS Moodle, teaching resources via the Resource access management system GAR (Gestionnaire d’Access aux ressources), etc.
- In higher education
- Campus Condorcet: Federated Identity has been implemented, keeping existing usernames and passwords coming from the various entities of Campus Condorcet (EHESS, CNRS, EPHE, INED, Sorbonne nouvelle, Université Paris I Panthéon Sorbonne, etc.) allowing researchers and students to use the digital services of the Campus.
- In technical and continuing education
- CESI: Kosmos developed the EMS for trainees and employees. A CAS type SSO was set-up allowing the user access to any CESI digital service following their initial authentication on the Active Directory Federated Services (ADFS), in a multi-tenant configuration. Amongst these services: EMS, Moodle, Office 365, timetable, documentary resources, etc.
Whether you have an identity provider or not, Kosmos can adapt to your needs.
Our teams will advise you how to implement a Federated Identity system: contact us.
Kosmos solutioning
Kosmos solutioning is the guarantor of personalised assistance through all phases of the project
See all solutions