The benefits of eduroam are clear with over 11 million national or international roaming authentications every day and millions of users in over 100 countries. eduroam is designed to be easy to use but behind the scenes it is a very complex operation, relying on all participating institutions to manage a service that controls all their user identities and responds to connection requests from eduroam access points worldwide.
This requires the management and support of an Identity Provider (IdP) service, a well-managed identity backend, and a RADIUS server to verify the credentials from that backend and grant user access to eduroam. Many smaller institutions may not have the in-house skills or resources to operate the required services and maintain their integrity.
This is why eduroam Managed IdP has been developed.
eduroam Managed IdP outsources the technical setup of eduroam IdP functions to the eduroam Operations Team, allowing institutions to focus on their users and freeing up valuable technical support resource. The system includes:
- A web-based user management interface where end user credentials for access to eduroam can be created and revoked.
- A technical infrastructure (CA) which issues and revokes credentials for users to access eduroam
- A technical infrastructure (RADIUS) which verifies access credentials and subsequently grants access to eduroam.
Using the service, National Roaming Operators (NROs) can invite their institutions to use eduroam Managed IdP. Once invited, institutions can use this system to create end user credentials (accounts) according to their local institution policy.
eduroam Managed IdP is designed using the latest cryptographic technology. It uses the Configuration Assistant Tool to securely configure user devices and reduce the support requirements.
There is no charge for NROs to use the services and so far 20 countries, including Sweden and New Zealand, have already adopted eduroam Managed IdP, with over 16,000 authentications taking place every month.
eduroam Managed IdP in Ukraine
On 2 and 3 July, the Ukrainian NREN URAN Association connected their first two institutions to eduroam (global Wi-Fi roaming) using the newly released eduroam managed IdP service. It is used by the Institute of Magnetism in the National Academy of Sciences of Ukraine, with a team of 56 researchers, and the Mykolaiv Observatory, with a team of 20 researchers.
Find out more at https://hosted.eduroam.org
A webinar is scheduled for 20 November 2019 to introduce eduroam Managed IdP for National Roaming Operators. Registration is open at https://eventr.geant.org/events/3201