Skip to content Skip to site navigation Skip to service navigation


Shibboleth is an Internet2 consortium project that enables universities to share resources and research across institutional boundaries. The Shibboleth open-source software package works with Stanford’s other single sign-on Authentication and Authorization protocols to enable students, faculty, and staff to access resources at partner institutions without creating separate, local IDs and passwords for each one.

Any set of parties who use Shibboleth can create a trust relationship between their authentication systems. Service providers (websites that require authentication) can continue to allow access to users with local authenticated credentials and trust users with credentials from federated authentication services.

Stanford is a member of the InCommon federation, which has dozens of participating institutions. Many of our peer universities and academic research resources, such as OCLC and Elsevier, also belong to InCommon (see the full list). Members of these participating institutions can apply for Shibboleth access to and from Stanford. We also have our own local federation called FarmFed, where we set up trust relationships with websites that are not members of InCommon.

Designed for

Current faculty, staff, and students; groups and departments


A SUNet ID and a reason for accessing the remote InCommon federation site.

Data security

May be used to store or transmit Low, Moderate, and High Risk Data, as defined by the Information Security Office.


Free of charge

Get started

Application owners and service providers:

Students, faculty, and staff wishing to add resources or institutions to those which Stanford belongs to:

Get help

For support, please submit a Help request. Administrative Systems provides:

  • Support for the Shibboleth Service Provider (SP) software to Stanford affiliates.
  • Maintenance for Stanford's Shibboleth infrastructure.

Learn more

Documentation for application owners, web developers and content managers, and third-party service providers:

See also

Last modified November 30, 2020