Assurance for Identity Providers
Information for Identity Providers
Eligibility — See the steps to join the Assurance Program to determine if you are eligible.
Operational Requirements — The Identity Assurance Profile (IAP) [PDF] provides the detailed requirement for your identity management system. This chart (taken from the IAP) gives a nice overview for each profile.
Certification — For Bronze, certification can be accomplished by simply signing the Assurance Addendum (legal agreement). For Silver, identity providers complete a certification process that includes an audit of the identity management system.
Audit — If you are applying to be Silver certified, you will need an audit of your infrastructure. You will find an auditor toolkit on the Assurance community wiki.
Legal agreement — IdPs must sign the Assurance Addendum [coming soon], a legal agreement that supplements the existing InCommon participation agreement.
Bronze — There is no fee for Bronze.
Identity providers certified for Silver pay an annual fee (over and above the InCommon participation fee).
For more information about preparing your infrastructure for certification, refer to Components of the Assurance Program.
Ready to join?
See the steps to join the Assurance Program.
Certified? Next steps
Once certified, IdPs will need to configure their federation software to support Assurance. Detailed information for IdPs (and other information, as well) is available in the FAQ and on the InCommon Assurance wiki.
- Assurance is expressed using SAML2 AuthnContext, not attributes. For information on how to configure your system, see the Assurance Technical Implementation Considerations.
- InCommon is developing a Shibboleth plugin to enable IdP Operators to more easily support Assurance. Review the requirements progress on the Assurance wiki.
- Once certified, InCommon will insert the appropriate Identity Assurance Qualifiers into your metadata so that Service Providers can check your official status.