TNC22

Implementing MFA on Shibboleth Identity Provider using Microsoft 365_Case of NIH Collaboration in Mali and Uganda

13 Jun 2022, 23:10

20m

Poster Posters

Speaker

Mr Ivan Frank Nsimbi (Research Data and Communication Technologies (RDCT))

Description

The Research and Education FEDerations group (REFEDS) Multi-Factor Authentication (MFA) Profile defines a standard signal Service Providers (SPs) may send to Identity Providers (IdPs) requesting the use of MFA during federated authentication flows. The IdP includes the corresponding signal in its response to indicate that MFA has occurred. The Profile also defines the minimum criteria a second authentication factor must meet in order for the IdP to claim successful MFA.

The National Institutes of Health (NIH) announced in June 2021 that it would require MFA for access to some of its resources. As part of the rollout, NIH would require trusted IdPs to support the REFEDS MFA Profile. As more SPs in the Research and Education community continue to require MFA for federated access, IdPs must implement the MFA profile soon.

This case study will describe the technical implementation details and challenges faced while enabling the REFEDS MFA profile on the Shibboleth IdPs for the NIH International Centers of Excellence in Research (ICERs) in Uganda and Mali using Microsoft 365 for issuing MFA tokens.

Presentation materials

Implementing MFA on Shibboleth Identity Provider using Microsoft 365_Case of NIH Collaboration in Mali and Uganda --- Ivan Frank Nsimbi.pdf

poster18_hd.jpg

poster18.png