...
Currently EISCAT is not using AAI solutions directly integrated with the services.
CLARIN
CLARIN established a task force for the AAI integration in 2013, and the community is deploying AAI integrated solutions. In most countries the IdP systems of the universities and other research institutions offer a high level of traceability of users which is very relevant for allowing access to restricted corpora.
...
Most IdPs offer decent login pages, SAML error messages are often very cryptic and give the wrong impression on what side (client or server) the root cause of the problem is, and the services and tools are not implemented to deal in a transparent way with missing attributes.
EGI
EGI is a resource infrastructure. The main goal is to enable users to access the distributed infrastructures.
...
X509 authentication has proven to be scalable and to work for almost any use case, from a technical point of view. New user communities prefer to use other technologies for the authentication, for example username/password based authentication.
EUDAT
Federated access has been one of the goals from the beginning of the EUDAT project. EUDAT infrastructure is designing a new service called B2ACCESS to enable the integration of federated IdP with the EUDAT services. The use cases for this service are:
...
B2ACCESS is not yet integrated in eduGAIN, but this is high in the list of priorities, currently it is under testing with an handful of IdPs and users.
FMI
FMI would support many applications cross institutions and countries, but currently the academic AAI have issues in cross-country interoperability, and interoperability – for example – with social media credentials. FMI uses a commercial AAI solution, Auth0, and it works very well for the FMI use case, one example is the integration with a commercial service such as dropbox, which was very easy and fast.
The experience with academic IdPs has been difficult because of the bureaucracy involved, and the limitations for attribute sharing.
D4Science
The main benefits in FIM highlighted by D4Science are:
The easiness in taking part in several research communities by using a single set of credentials.
Less barriers for users in accessing services exposed by different research communities.
Adoption in conjunction with Access Delegation, Federated access enables capability to build composite services built on top of services spanning across different identity domains.
In general using using the SAML Web Browser SSO profile tools are user friendly and they fulfill the user expectations, where such expectations are SSO capabilities with a adequate level of security.