What is Shibboleth?
Many online services are not freely available to the general public. You've probably noticed this when using research databases, ebook collections, online learning platforms, university information systems, etc. Before you can access the service, there are two checks:
- Are you the person you say you are?(authentication)
- Which services are available to you and to what extent?(authorization)
To make this process easier across different academic online services, many universities use an authentication and authorization infrastructure based on Shibboleth.
After you've been authenticated as being affiliated with the university, you can use all of the services the university has licensed without having to log in again (single sign-on). You only need to re-enter your university credentials if you close your browser or delete your browser information. After authentication, your university is recognized by various services (service providers) as the identity provider.
Since the sharing of personal information can be problematic, Shibboleth was developed with an emphasis on protecting privacy and security. The identity provider relays as little information as possible to the service provider. In addition, the password you use to log in is not transferred.