====== Czech academic identity federation eduID.cz ======

Welcome to the Czech academic identity federation **eduID.cz** site! The purpose of the eduID.cz federation is to provide means for inter-organizational identity management and access control to network services, while respecting the privacy of the users. The eduID.cz federation is operated by [[https://www.cesnet.cz/|CESNET]].

eduID.cz is a member of [[http://www.edugain.org/technical/status.php|eduGAIN]] and participates in [[https://refeds.org/federations/federations-map|REFEDS]].

====== Why federation? ======

  * users may access multiple applications using just one password
  * single sign-on
  * service provider administrators do not have to preserve user's credentials and implement authentication
  * user authentication is always performed at the home organization, user credenitals are not revealed to the service providers
  * the federation infrastructure implements easy, standards-compliant and secure methods for exchange of user information

====== Federation structure ======

[[http://www.cesnet.cz/|CESNET]] acts as an **operator** of the federation - enforces the federation policy and coordinates all the activity, manages member registration, provides support and resolves security incidents.

Federation **members** are organizations, which have been completed the registration process. Member organizations may run one or more **components** which release user information or provide services. Dependent on the purpose, there are two types of federation components:

  * **identity provider** - connected to the organization's user management system, provides authentication and user information
  * **service provider** - provides online services or acces to online resources

====== Membership ======

Every organization, which complies with the [[http://www.ces.net/doc/aup.html|Access Policy]], may become a member without restrictions. Other organizations may join the federation, but as service providers only. More information about the membership is available in the [[.:join:]] section.

  * [[.:mrps:]]

====== Technology ======

The eduID.cz federation is based on the [[http://shibboleth.internet2.edu/|Shibboleth project]] developed by [[http://www.internet2.edu/|Internet2]]. Since it is a standard-compliant [[http://en.wikipedia.org/wiki/SAML|SAML]] implementation, it may be compatible with other SAML implementations like [[http://simplesamlphp.org/|simpleSAMLphp]] for example.

====== Metadata ======

See the [[en:tech:summary|technical overview page]].