Difference between revisions of "AAI usage guide"
Line 146: | Line 146: | ||
!8. | !8. | ||
|After successful authentication you will be redirected back to your EGI Account. Also, you'll be able to access EGI resources with<br/>your existing personal EGI ID using '''IGTF Certificate Proxy''' and your certificate. | |After successful authentication you will be redirected back to your EGI Account. Also, you'll be able to access EGI resources with<br/>your existing personal EGI ID using '''IGTF Certificate Proxy''' and your certificate. | ||
|[[ | | | ||
[[File:Saved igtf.png|350px|thumb]] | |||
|- style="vertical-align:top;" | |- style="vertical-align:top;" | ||
!9. | !9. |
Revision as of 15:03, 23 October 2020
Overview
This wiki page contains information about registering an account with the EGI AAI in order to access a variety of EGI tools and services using the same account.
This process is not about creating yet another (username/password) credential but to link user's existing credential (for example using an eduGAIN IdP) with EGI.
Signing Up for an EGI Account
To access EGI resources, you need to sign up for an account. As part of this process you will be assigned a personal EGI ID, which will then be used across all EGI tools and services. To register your account, follow the instructions below:
1. | Enter the following URL in a browser: https://aai.egi.eu/signup | |
---|---|---|
2. | Select your Identity Provider from the discovery page:
|
|
3. | Enter your login credentials to authenticate yourself with your Home Organisation | |
4. | After successful authentication, you may be prompted by your Home Organisation to consent to the release of personal information to the EGI AAI Service Provider Proxy. | |
5. | After successful authentication, you will be redirected to the EGI account registration form. On the introductory page, click SIGN UP to start the registration process. | |
6. | Depending on the attributes released by your Identity Provider, you will need to go through one of the following account registration processes:
|
|
7. | On the registration form, click Review Terms and Conditions (Acceptable Use Policy and Conditions of Use - EGI AUP). | |
8. | If you agree to the EGI AAI Terms of Use, select the I Agree option. Important: You will not be able to agree to the terms until you review them. | |
9. | Finally, click Submit to submit your request. Important: You will not be able to submit your request until you agree to the terms. | |
10. | After submitting your request, EGI AAI may send you an email with a verification link in it depending on the attributes released by your home organisation (see Step 6). After you click that link, you'll be taken to the request confirmation page. Important: If you do not find the email in your Inbox, please check your Spam or Junk folder for an email from "EGI AAI Notifications". If you do find the email in these folders, mark the email as "safe" or "not spam" to ensure that you receive any future notifications about your EGI ID. | |
11. | After reviewing your request, click Confirm and re-authenticate yourself using the Identity Provider you selected in Step 2. |
Note: After your registration has been completed, you can manage your profile through the EGI Check-in Registry portal at https://aai.egi.eu/registry.
Linking Additional Organisational/Social Identities to your EGI Account
Identity linking allows you to access EGI resources with your existing personal EGI ID, using any of the login credentials you have linked to your account. You can use any of your organisational or social login credentials for this purpose. To link a new organisational or social identity to your EGI account:
1. | Enter the following URL in a browser: https://aai.egi.eu/registry | |
---|---|---|
2. | Click Login and authenticate using any of the login credentials already linked to your EGI account | |
3. | Navigate to My EGI User Community Account page in one of the following ways:
|
|
4. | Under the Organisational Identities section of your profile page, click Link New Identity. | |
5. | On the introductory page for Identity Linking, click Begin | |
6. | You will need to sign in using the login credentials from the Institutional/Social Identity Provider you want to link to your account.
It is very important to escape the Identity Provider selection, cached in the Discovery page, before picking the new one. |
|
7. | After successful authentication, the new Identity Provider will be available under the Organizational Identities tab and you'll be able to access EGI resources with your existing personal EGI ID using the login credentials of the Identity Provider you selected in Step 6. |
Linking your Certificate to your EGI Account
Certificate linking allows you to add the subject DN of your certificate to your existing personal EGI ID. For this you need to import your certificate to your browser.
To link a subject DN to your EGI account:
1. | Enter the following URL in a browser: https://aai.egi.eu/registry | |
---|---|---|
2. | Click Login and authenticate using the login credentials of EGI account you prefer to add to your subject DN | |
3. | Navigate to My EGI User Community Account page in one of the following ways:
|
|
4. | Under the Organisational Identities section of your profile page, click Link New Identity. | |
5. | On the introductory page for Identity Linking, click Begin | |
6. | Continuously, you will need to sign in using the IGTF Certificate Proxy.
It is very important to escape the Identity Provider selection, cached in the Discovery page, before picking the new one. |
|
7. | Then select the certificate you want to link to your account from the popup window. | |
8. | After successful authentication you will be redirected back to your EGI Account. Also, you'll be able to access EGI resources with your existing personal EGI ID using IGTF Certificate Proxy and your certificate. |
|
9. | To verify that the subject DN is added to your EGI account scroll down to Organisational Identities and click on view button in the row where the source is https://edugain-proxy.igtf.net/simplesaml/saml2/idp/metadata.php. |
|
10. | Then scroll down to Certificates and you should see the subject DN of your certificate. |
Viewing user profile information
The profile includes all the information related to the user. This information can be categorised as follows:
- Basic profile
- VO/Group membership
- VO Affiliations and Roles
- Linked identities
1. | Basic profile:
|
|
---|---|---|
2. | VO/Group Membership Roles | |
3. | Linked Identities |