News and Events

“How to deploy a unified communications network” and MAGIC offers free online trainings on these services “How to deploy a unified communications network” and MAGIC offers free online trainings on these services Friday, 02 June 2017 Both courses are part of the work carried out in the MAGIC project during the last...
Global Science Communities: an example of MAGIC success Global Science Communities: an example of MAGIC success Wednesday, 31 May 2017 The MAGIC project just completed two years working to achieve its main objective...

If your NREN is interested in establishing its Identity Federation, you will find help by following these links:

REFEDS (the Research and Education FEDerations group)

Latin American Identity Federations:

  • Brazil: RNP - Café. Responsible: Jean Carlo Faustino, This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Chile: REUNA - COFRe. Responsible:Alejandro Lara, This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Colombia: RENATA - ColFIRE. Responsible: Carlos Ramirez, This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Ecuador: CEDIA - MINGA. Responsible: Claudio Chacón - This email address is being protected from spambots. You need JavaScript enabled to view it.

EduGAIN: Learn abourt global integration of identity and services federations

An identity federation is a group of institutions and organisations that sign up to an agreed set of policies for exchanging information about users and resources to enable access to and use of the resources. Many organisations use Authentication and Authorisation Infrastructures (AAIs) to build a trusted environment where users can be identified electronically using a single identity. These systems can also contain information about a user's access rights based on attributes characterising their role. Resource owners (service providers) may use these federated environments to control federation participants’ access to the provided resources.

In simple terms, Identity Federations are an identity management systems that gathers national education and research institutions, through their databases integration. This means that the user can access the services of their institution and the ones offered by other participating organizations from wherever they are, through a single sign-on account. This authentication eliminates the need for multiple access passwords and registration processes, generating a trusting relationship. Distance learning services, access to scientific publications and collaborative activities are among the biggest beneficiaries of the infrastructure offered by federations.

Institutions belonging to a national Identity Federation may act as identity providers (IdP) and as service providers (SP). The National Research and Education Networks (NRENs) are responsible for managing and keeping the centralized repository with data on federation members.


  • It is not necessary to register in different systems or manage different passwords;
  • Steadier navigation, without the need to authenticate every step;
  • Control over data privacy;
  • For the identity provider, the service infrastructure (database and software) may be used to control the access to internal services of the institution, creating a single point for the many offered resources (libraries, academic management systems etc.);
  • For the service provider, the register used can be managed by other institutions (identity providers), with the guarantee of information reliability and updating. They undertake explicitly to maintain the information provided updated, contrary to what happens with solutions in replicated registers.

How it works

A federated authentication and authorization infrastructure (AAI) is consisted of two main elements: the identity providers, responsible for maintaining information about users and their authentication; and service providers, which offer access to a specific feature or service. The interaction between both is a relationship of trust, because one needs to believe in the quality of data provided by the other, to ensure that these are only used for the agreed purposes.

When accessing a certain service provider, the user is redirected to a page that presents a list of identity providers. The user then choose his home institution and the browser is redirected to this institution’s identity provider. After the user is authenticated, the identity provider sends this authentication result to the service provider and creates a session associated to the user, so that accesses to new services within a given time interval do not generate new authentication requests.

The activities that MAGIC is carrying out in order to foster the deployment of the platforms that enable mobility of people and seamless access to services, are:

  1. Analyse the regions that will encompass the project scope to design the best Federation architecture to be implemented per territory.
  2. Develop and adapt training material for Identity Federation and eduroam deployment, supporting local language requirements as necessary.
  3. Implement online training for Identity Federations and eduroam in an e-learning platform (NREN or project partner).
  4. Identity Federation and eduroam training workshop for Regional RENs.
  5. Develop and provide in-class training (boot camp) to establish identity management professionals in the region.
  6. Implement the model selected in 2.1 for federation deployment.

MAGIC Partners


Contact us

If you need some other information about MAGIC, please write us to

Connect with us

We're on Social Networks. Follow us & get in touch.


This project is co-funded by the Horizon 2020 Framework Programme of the European Union

EC emblem