ETH ORD Identity and Access Management Guidelines

Authentication, authorization, and identity and access management (IAM) are central to interoperability between services. Currently ETH services use a variety of identity providers, from federated services like SWITCH eduID to institute-specific active directory installations. Incompatibilities between authentication and authorization can be a major obstacle to interoperability between institutes. To mitigate this, we propose to draft a set of guidelines for IAM practices relating to ORD services. All M2 projects funded under this measure will be expected to follow the guidelines, ensuring that these services are interoperable. The guidelines will also be published in the Central Info Point website and disseminated to researchers, providing clear best practices for services outside the ETH ORD program to follow.