Home | About InCommon | Join InCommon

• Join InCommon
• Participants
• IAM Online
• Policies and Practices
• Technical Information
• Metadata, WAYF, & CA
• Site Administrator Info
• Frequently Asked Questions
• Benefits
• Site Administrator Login
• Collaboration Wiki
• Glossary
• Contact Us
• About

Information for InCommon Administrative Contacts

The Administrative Contact is responsible for submitting all metadata, certificate signing requests, and Participant Operating Practices (POP) URLs to the InCommon Federation. For new Adminstrative Contacts, a phone call is necessary for the federation to do identity proofing and set up access to the administrative interface.

Administrative Interface Login

The login address is: https://service1.internet2.edu/siteadmin/manage/

InCommon Participant Operating Practices (POP)

Federation participants must provide InCommon with a link to their practices as described in the Participant Operating Practices (POP). You will find a POP template here, along with a number of other helpful documents.

Metadata Submission

For information on metadata submission, and the metadata required of both identity management systems (Identity Provider) and online resources (Service Provider), please see the metadata page.

Additionally, InCommon participants must submit the URL of their Participant Operational Practices (POP). The question/answer template questions is here: http://www.incommonfederation.org/policies.cfm

CSRs (Certificate Signing Requests)

Please note that InCommon accepts self-signed certificates. As of January 2010, the federation no longer accepts certs from the InCommon Certificate Authority, which will no longer issue certs. You can view this wiki page for more information on self-signed certs.

Each IdP/SP needs a corresponding InCommon certificate. Submit a CSR that conforms to the InCommon Certificate Authority's Server Cert Profile, found in this document: http://incommonca.incommonfederation.org/practices.pdf. Once your CSR has been submitted, your certificate will be emailed to the Administrative Contact on the next business day. The certificate will be in PEM format.

Shibboleth Recommendation - New Deploys

InCommon strongly recommends that all new participants planning to use Shibboleth Federated Single Sign-on Software install and deploy version 2.x. Shibboleth v1.3 will no longer be supported after June 30, 2010. There are no new features being added to v1.3 and there are no guarantees that changes to the current release are backwards compatible. For more information, see http://shibboleth.internet2.edu/shib-which-version.html.

Other Helpful Links

The following are links to information and definitions, which may be helpful in the process.

• InCommon Metadata page
• InCommon Technical page
• InCommon Glossary of Terms
• Shibboleth Support page

Ths page last updated December 18, 2009