This is the Helmholtz AAI Webpage, describing all you need to know about joining as a user, a Virtual Organisation (VO), a service or as an identity provider. We describe our goals, technology, organisation and policies.
Some of the contents and documentation have been derived from the predecessor of Helmholtz AAI, the Helmholtz Data Federation (HDF) AAI.
The goal of Helmholtz AAI is to enable stakeholders with a Helmholtz background to accomplish several tasks:
- Enable the participating Helmholtz Centres to provide services to well defined sets of federated users, based on solid authentication and authorisation.
- Enable Principal Investigators (VO Managers) at Helmholtz Centres to allocate resources on behalf of their group (VO) and to manage the authorisation for the members of their VOs.
- Enable global researchers to use services provided by Helmholtz Centres - given they are properly authorised and their identity is adequately understood.
- Be in line with European activities that focus around the European Open Science Cloud EOSC
- For Users: How to use Services connected to Helmholtz AAI
- For PIs (VO Administrators): The role and responsibility of the VO admin
- For Services: How to add a service to Helmholtz AAI
- For Developers: Notes on service implementation
- For Identity Providers: How to be an IdP for Helmholtz AAI
- Helmholtz AAI supports users with different levels of Assurance
- Security Procedures: Incident Response Procedure
- Unity@FZJ: https://login.helmholtz.de
- The full list of services connected to the Production Unity can be found here: https://login.helmholtz.de/unitygw/VAADIN/files/connected-services.html
- Services with special requirements can be connected to the reg-app@KIT: https://bwidm.scc.kit.edu/
- SP-IdP identity and infrastructure proxy functionality
- web-sso and non-web access via LDAP including SSH key management, federated two-factor access and group management
- automated deprovisioning services
Please note that services that are in development can be added to the production AAI, as long as they do not have any dependency on specific AAI features.
- Unity: https://login-dev.helmholtz.de
- Services connected to the Development Unity: https://login-dev.helmholtz.de/unitygw/VAADIN/files/connected-services.html