- Identity Provider (IdP): The system component that authenticates a user (e.g. with username and passwords) and issues identity assertions on behalf of the user who wants to access a service protected by a Service Provider.
- Service Provider (SP): The system component that evaluates identity assertions from an Identity Provider and uses the information from the assertion for controlling access to protected services.
- Discovery Service(DS): The Discovery Service service, also known as "Where Are You From (WAYF)" service, lets the user choose his home institution from a list and then redirects the user to the login page of the selected institution for authentication.
National Identity Federations
As of 2017, most western countries operate one or more identity federations for their higher education and research community. Most academic identity federations are operated within the borders of one single country. Their members are mostly education (e.g. universities) and research organisations (research facilities) within that country, as well as the services they operate. Most of them were established by the local national research and education network. Such federations are also called national federations. The first national federations were established around 2005.
Other Types of Federations
There are also federations, which are not operated for members within a single national country but for members of a particular community. One of the first such examples is the CLARIN Service Provider federation, which is operated by the language researchers of the international CLARIN research project.
There are also interfederation services whose scope go beyond that of a single country. Notably, the Kalmar Union (decomissioned in April 2017) and eduGAIN. They are however not typicial federations but rather interfederation services, which means that they help interconnecting existing national federations instead of fully incorporating all their entities in a superset, a confederation.
How many academic identity federations are?
To get an up-to-date answer for this question, please refer to the REFEDS federations page. REFEDS is a group of Research and Education FEDerations funded mostly by a few National Research and Education Networks and the Internet Society.
eduGAIN - The Global Academic Interfederation Service
eduGAIN is a service that interconnects the participating identity federations. They agree on a set of common standards and policies which ensure interoperability. eduGAIN is therefore also called an interfederation service. Its goal is to enable Pan-European Web Single Sign On (Web SSO) for members of the research and education community.