Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

AAI usage guide

From EGIWiki
Jump to navigation Jump to search


Overview

This wiki page contains information about registering an account with the EGI AAI in order to access a variety of EGI tools and services using the same account.

Signing Up for an EGI Account

To access EGI resources, you need to sign up for an account. As part of this process you will be assigned a personal EGI ID, which will then be used across all EGI tools and services. To register your account, follow the instructions below:

  1. Enter the following URL in a browser: https://aai.egi.eu/signup
  2. Select your Identity Provider from the discovery page:
    1. browse through the list of Identity Providers to find your Home Organisation; or
    2. type the name of your Home Organisation in the search box. Note that this filter only matches entries within the currently selected view (tab) of Identity Providers and is localised based on the selected language.
  3. Enter your login credentials to authenticate yourself with your Home Organisation
  4. After successful authentication, you will be redirected to the EGI account registration form. Depending on the attributes released by your Identity Provider, you will need to go through one of the following account registration processes:
    1. Self-service Sign Up: Allows you to join the EGI User Community without approval by an administrator if all the information below is asserted by your Home Organisation:
      1. at least one of the following unique user identifiers:
        1. your pseudonymous, non-reassignable identifier (eduPersonUniqueId attribute);
        2. your name-based identifier (eduPersonPrincipalName attribute);
        3. your pseudonymous identifier (eduPersonTargetedID attribute or SAML persistent identifier)
      2. your first name (givenName attribute)
      3. your surname (sn attribute)
      4. your email address (mail attribute)
      5. your role in your Home Organisation (eduPersonScopedAffiliation attribute)
    2. Sign Up: If any of the information above cannot be released by your Home Organisation, you will need to provide the values of the missing attributes yourself. Your request to join the EGI User Community must then be approved by an EGI User Sponsor. You may optionally select a particular individual to review your request through the Sponsor dropdown list.
  5. On the registration form, click Review Terms and Conditions (Grid Acceptable Use Policy - Grid AUP).
  6. If you agree to the EGI AAI terms of Use, tick the I Agree box. Important: You will not be able to tick the box unless you have previously reviewed the terms.
  7. Finally, click Submit to submit your request.
  8. After submitting your request, EGI AAI will send you an email with a verification link in it. After you click that link, you'll be taken to the request confirmation page.
  9. After reviewing your request, click Accept and re-authenticate yourself using the Identity Provider you selected in Step 2.
  10. In the case of the Sign Up registration, you need to wait for an EGI User Sponsor to approve your request to join the EGI User Community. Upon approval, EGI AAI will send you a notification email.

Note: You can manage your profile through the EGI Account Registry portal at https://aai.egi.eu/registry.

Linking Additional Organisational/Social Identities to your EGI Account

Identity linking allows you to access EGI resources with your existing personal EGI ID, using any of the login credentials you have linked to your account. You can use any of your organisational or social login credentials for this purpose. To link a new organisational or social identity to your EGI account:

  1. Enter the following URL in a browser: https://aai.egi.eu/registry
  2. Click Login and authenticate using any of the login credentials already linked to your EGI account
  3. Navigate to My EGI User Community Account page in one of the following ways:
    1. hover over your display name next to the gear icon on the top right corner of the page; or
    2. select EGI User Community form the list of available Collaborations and then click My EGI User Community Account from the People menu
  4. Under the Organisational Identities section of your profile page, click Link New Identity.
  5. On the introductory page for Identity Linking, click Begin
  6. On the Link New Identity form, click Review Terms and Conditions (Grid Acceptable Use Policy - Grid AUP).
  7. If you agree to the EGI AAI terms of Use, tick the I Agree box. Important: You will not be able to tick the box unless you have previously reviewed the terms.
  8. Finally, click Submit to submit your request.
  9. After submitting your request, EGI AAI will send you an email with a link in it. After you click that link, you'll be taken to the Link New Identity confirmation page.
  10. On the Link New Identity confirmation page, click Confirm
  11. After confirmation, you will need to sign in using the login credentials from the home identity provider you want to link to your account.
Retrieved from "https://wiki.egi.eu/w/index.php?title=AAI_usage_guide&oldid=88972"