Skip to end of metadata
Go to start of metadata

 

NJTrust is New Jersey's Identity Trust Federation. A Trust Federation is a collection of institutions and vendors that want to be able to access each other's applications in a shared, secure and trusted manner. It provides a coordinated approach to verifying users' identity and what they are permitted to do.

We have several New Jersey Higher Education institutions that are currently participating in our federation. The Federation is using Shibboleth as the middleware software. New services can be rolled out to participating institutions simply by adding them to the Federation. Similarly, existing services can be extended to new Institutions who join the Federation.

To use the applications that participate in the Federation, you will need an "Identity Provider." This software allows other sites to check your users' identity, and to confirm information about them, such as whether they are faculty, students, etc. Your identity provider provides the authentication by checking the username and password. Depending upon your policies the information sent back to the application need not include any identifiable information about the user. All the application needs to know is that your institution considers it a valid user.

To provide an application yourself, you will need a "Service Provider". This is a piece of software that allows your application to find Identity Providers at other institutions, verify that a user is valid, and check attributes such as whether the user is faculty or student.

There's one more, optional, piece of the picture: the "Discovery Service." If a service provider wants to serve users at several institutions, it has to start by asking users which institution they are from. Then it sends them to that institution's Identity Provider to check their username and password. The NJEdge Discovery Service is a page that lists all the institutions in the NJEdge Federation and their identity provider. If you want to allow anyone at an NJEdge institution to use your service, the NJEdge Discovery Service is the easiest way to do so. If you want to use a different collection of institutions, you can set up your own Discovery Service. It can pull in the list of NJEdge institutions using the NJEdge metadata.

Currently this site contains "metadata" for each participant. Metadata contains information about an Identity Provider or Service Provider. It allows other providers to find each other, and to verify the identity of the other provider. 

See NJEdge Federation Metadata for more information on using this metadata.

  • No labels