InCommon operates the identity management federation for U.S. research and education, and their sponsored partners. The federation provides a common framework for trusted shared management of access to online resources. Through InCommon, Identity Providers can give their users single sign-on convenience and privacy protection, while online Service Providers control access to their protected resources.
- Through InCommon, campuses leverage their identity databases to allow for the use of one set of credentials to access multiple resources.
- Online service providers no longer need to maintain user accounts.
- Identity providers manage the levels of their users' privacy and information exchange.
- InCommon uses SAML-based authentication and authorization systems (such as Shibboleth) to enable scalable, trusted collaborations among its community of participants.
For details, lists of participants, and information about joining, see incommon.org/federation.
- Convenience – Single sign-on with higher education credentials.
- Safety – Enhanced security with fewer data spills.
- Privacy – Release of only the minimum information necessary to gain access to resources (via attributes).
- Scalability – Once implemented, federated access is relatively simple to extend.
- Authentication – Campus does the authentication, maintaining control of user information.
- Authorization – Service provider makes access decisions based on attributes.
- Delegated Administration – Site administrators can delegate responsibility for administering service provider (SP) metadata to another administrator.
- Self-Service Password Reset – Reset your password for the Federation Manager yourself using our two-factor password process.
- Research & Scholarship Category for Service Providers – Service providers join the appropriate category and identity providers release one set of attributes to the category.
- Federated Error Handling – InCommon operates a centralized federated error handling service that will display an SP-branded error page to the user, with a link to the error handling URL for the IdP.
There is a one-time registration fee and an annual fee. Please see the fee schedule.
- The one-time registration fee covers the costs of vetting your organization, and identity proofing your executive and administrator.
- The annual fee supports the ongoing operations of the federation. Annual fees are prorated for the first year of participation based on the quarter in which an organization joins the federation.
InCommon participation is open to
- accredited two- and four-year degree-granting academic institutions
- research organizations, defined as a lab, facility, or center related to a particular federal research agency and listed on an official publicly available government listing
- Business, education, and research organizations who partner with higher education may join as Sponsored Partners
Details on eligibility and the joining process are at