See Naming Conventions.
CESSDA uses eduTEAMS to provide single sign on (SSO) for tools and services running on the CESSDA platform.
eduTEAMS controls access to restricted resources using Virtual Organisations (VO), which can contain groups for more granular access controls. The CESSDA VO has the identifier
cessda.vo.eduteams.org. Users can register using a dedicated URL.
Registering services that run on the CESSDA infrastructure is handled by Main Office.
Make sure to select the technology that the service uses (i.e. OpenID Connect or SAML), as well as the correct flow and token endpoint method if OpenID Connect is used.
Note down the
Client ID and the
secret. These must be treated as secrets. These credentials cannot be retrieved again after the form is closed.
eduTEAMS defines several attributes that are available in the Reference Documentation.
Here are some of the attributes of note:
- Display Name
- Email Address
- These are assigned in the eduTEAMS VO, and can be used to restrict functionality like an editor to authorised users.
- Users with this group string are part of the CESSDA VO and the developers group
- More examples are part of the reference documentation