SIR - The RedIRIS Identity Service
SIR (Servidor de Identidad de RedIRIS) offers a hub that forwards identity data managed by the RedIRIS affiliated institutions to sites where these data can be applied for improving access control, enriching user experience, strengthening the security, and many other service enhancements.
SIR is based on federated identity technologies, so:
- Users are identified by the local servers of their institutions, using the procedures defined by them, and without exposing their credentials out of the local realm.
- Identity service managers have full control over the identification procedures and the attributes associated with each user.
- Each institution autonomously applies the control mechanisms that sees fit in order to offer its users the possibility of making informed decisions on the personal data subject of being exchanged.
- Service providers autonomously apply any access control mechanism to the resourcs under their responsibility, according to their policies. It is important to take into account that any organization willing to provide access through SIR can be a service provider, whether they are part of the RedIRIS community (or any other NREN), or not (commercial companies, governmental agencies, etc.).
The current version of SIR uses internally the PAPI v.1 federation protocol and is able to exchange data according to the following protocols:
- PAPI v.1
- SAML 1.1 / Shibboleth 1.3
- SAML 2 / Interoperable SAML2 Profile / Shibboleth 2
- eduGAIN, SAML 2.0 Int profile
- OpenID (version 1 and 2)
- Proprietary protocols:
- Microsoft Live@Edu SSO
- MSDN Academic Alliance
- Wiley Trusted Proxy Server
The service is based on the publication of trusted links through the federation metadata, accessible through the SIR metadata documents.
How to participate
If you want to join the service as an identity provider, your institution must be affiliated to RedIRIS. If you don't know exactly the benefits of joining SIR, please take a look at the beneficios.
To join SIR as an identity provider:
If you are planning to offer access to your services through SIR: