Keycloak fullfil all the required functionalities expected:

• Compatible: OIDC (priority), SAML (interesting, eduGain).
• Federation of 1-N Institutions. Citizen Scientists (Social IDs).
• Roles Management. Role mapping (e.g. Google users to Citizen Scientist).
• Identity linking (optional).
• Group Management. Some groups are allowed to do…
• Distributed, clustered. High availability. NATIVE

Federated User Credential Deployment Portal.

WaTTS allows using any legacy service with federated identities, such as eduGain or google.

For this, WaTTS accepts federated identities (via OpenID Connect) and uses a plugin scheme to generate credentials for your service. This allows you to provide services that do not normally support federated identities to federated users.