eResearch NZ
Enabling_authentication_at_global_scale-an_update_on_REANNZ_services.pdf (274.98 kB)

Enabling authentication at global scale: An update on REANNZ services

Download (274.98 kB)
posted on 2020-03-10, 03:55 authored by Vladimir Mencl

REANNZ operates for the New Zealand R&E community two well known services: Tuakiri, the Identity and Access Management Federation, and eduroam, roaming infrastructure for seamless network access. This presentation will give an update on new developments on these services.

Tuakiri has recently completed the connection to eduGAIN, the global "federation of federations" - and eduGAIN connectivity is now available to the NZ R&E community. This allows users from NZ institutions to log into services from other federations via eduGAIN - and in a similar vein, overseas users can log into NZ-based services connected to eduGAIN. Tuakiri is rolling out eduGAIN with an opt-in process, and this talk will cover the steps an Identity Provider or a Service Provider must take to join eduGAIN.

For eduroam, the global community has made several new very useful services available. With eduroam CAT, the Configuration Assistant Tool, it is now easy to onboard users for eduroam - either pointing them directly to the CAT website to install the connection profile, or rolling out the connection profile across a fleet of devices through centralised management infrastructure. In both cases, it results into consistent (and more secure) connection profile deployment. And CAT 2.0, released this year, makes it even easier for institutions to register with CAT and create the end-user connection profiles.

While larger institutions are well capable of running the infrastructure required for eduroam themselves, smaller institutions often find this task challenging. For these, as an alternative to running the IdP infrastructure, the Managed IdP offering might be the right fit: a fully hosted and managed eduroam IdP, with an interface for managing user accounts and for deploying these accounts on user devices.


Dr. Vladimir Mencl has been part of the New Zealand R&E community since 2006 and has been involved in identity and access management projects since the early days of the BeSTGRID project. When the Tuakiri project moved to REANNZ, Vlad joined REANNZ where he is part of the Systems team as a Senior Software Engineer.


Usage metrics

    eResearch NZ 2020




    Ref. manager