IdM Documentation

This page contains some links where to find information on the topics addressed during the Identity Management Workshops.

Introduction to IdM Systems

The NMI website provides a rich source of information to plan an IdM. In particular:


One of the most used schema is eduPerson, developed by EDUCAUSE/Internet2. This schema has been used in Europe as well to derive other schemas to better match the European higher education environment (i.e funetEduPerson, switchEduperson and so on).

SCHAC: the schema definitions to facilitate information exchange among European institutions.


A good starting point to understand directories can be found at:

LDAP related information can be found at:

Metadirectories : the site offers a good overview on the issues involved in building an enterprise directories.

Authorisation and Authentication Mechanisms

Single Sign-On Systems

All solutions used nowadays to implement Identity Federation and hence to provide Single Sign-On (SSO) are built in SAML.
The research and education community in Europe and beyond mostly use Shibboleth, developed by Internet2 and SimpleSAMLphp, developed by UNINETT. SimpleSAMLphp, as the name suggests implements SAML functionality using PHP.

Further information on the deployment of Identity Federations in the research and education community can be found at:

Further readings on examples of Identity Federation Systems built using Shibboleth are available at:

Further readings on examples of Identity Federation Systems built using SimpleSAMLphp can be found at: