Identity and education federation: securing and simplifying digital services

Published on January 12, 2021 by - Updated on 08 juin 2021 à 15H20

In the digital era, the student, the teacher, the school administrator, etc., have to access several digital applications every day, which means them having to create and remember many usernames and passwords.

Federated Identity and the single authentication system (Single Sign On or SSO) are good solutions for these multiple account creations. Thanks to a single authentication, the user journey between different digital services is simplified and their use is therefore reinforced.

What is Federated Identity?

Federated Identity allows you to manage identities and accesses to confirm a user’s identity and their authorization for access to certain resources of the Information System.

Federated Identity involves 3 entities:

  • The user who needs access to digital resources
  • The digital service provider
  • The identity of the provider


Do you have a Federated Identity project?
Our experts are at your disposal.


Federated Identity and SSO secure and simplify access to digital applications

The Federated Identity system is transparent for the user. With the SSO component, they use only a single username and password to access several digital applications.

The service provider frees itself from the management of user accounts with usernames and passwords: it is the user who manages their own account with a “lost password” system. The service provider can tailor the content they offer and control access to it depending on the user profile.

The identity provider adheres to a framework of trust for securing personal data and simplifying user access.

National identity providers, like EduConnect, allow the user to have a single account for digital services throughout their whole education. Even if there is a change of class, school or even Regional educational Authority.

Identity and education federation
Identity and education federation


education federaion kosmos
education federaion kosmos

Federated Identity applied to the world of education

The educational digital transformation specialist, Kosmos, offers a Federated Identity solution that is compatible with the current standard protocols, CAS, SAML2 and OpenId Connect, and provides inter-operability between all academic and national federated identity providers such as EduConnect and FranceConnect. These protocols are implemented using the Shibboleth software suite.

Our teams have assisted many educational stakeholders as a resource and/or identity provider:

  • In primary and secondary education
    • The BFC EMS: Federated Identity deployed across a territory via a digital workspace, providing access to many external services via a single account: internet portals of Regional Education Authorities and communities, LMS Moodle, teaching resources via the Resource access management system GAR (Gestionnaire d’Access aux ressources), etc.
  • In higher education
    • Campus Condorcet: Federated Identity has been implemented, keeping existing usernames and passwords coming from the various entities of Campus Condorcet (EHESS, CNRS, EPHE, INED, Sorbonne nouvelle, Université Paris I Panthéon Sorbonne, etc.) allowing researchers and students to use the digital services of the Campus.
  • In technical and continuing education
    • CESI: Kosmos developed the EMS for trainees and employees. A CAS type SSO was set-up allowing the user access to any CESI digital service following their initial authentication on the Active Directory Federated Services (ADFS), in a multi-tenant configuration. Amongst these services: EMS, Moodle, Office 365, timetable, documentary resources, etc.

Whether you have an identity provider or not, Kosmos can adapt to your needs.
Our teams will advise you how to implement a Federated Identity system: contact us.