The InCommon federation establishes a trust relationship between numerous organizations, allowing users to log into partner sites using their organizations' native authentication systems (e.g. Stanford WebAuth).
For users of services within InCommon
Some SPs are set up to allow Stanford users to log in by default while others will require the release of specific identifying information from LDAP in the form of released attributes and/or a change in the SP's configuration to enable logins for the Stanford IdP. Stanford users who would like to enable WebAuth based logins for an InCommon partner should follow these steps:
- determine whether partner SP requires the release of any attributes
- submit request to LDAP data owners to ask for permission to release attributes (see Attribute Release Policy page)
- once you have the data owner approvals, submit a HelpSU request to Shibboleth administrators to update the release policy
The entityID of Stanford's identity provider in inCommon is urn:mace:incommon:stanford.edu.