Skip to content

Helmholtz ID / AAI

Helmholtz ID Logo

How to do the basic steps in Helmholtz ID / AAI

In a decentralized, networked model of cloud services known as federated cloud, the federated Authentication and Authorization Infrastructure (Helmholtz AAI) plays a crucial role. Proper usage of this system requires a few key steps and some foundational knowledge to avoid common pitfalls.

The federated cloud in this case is a set of services, distributed at the Helmholtz centres, with some common parts, like the user account, support or service catalogue.

At an federated Authentication and Authorization Infrastructure the authentication and authorization of users is distributed across multiple components. The authentication is performed at the user’s home organisation. The result of this authentication and information of the user are transferred to Helmholtz ID, the central component of the Helmholtz AAI. This information are enriched with further information and send to the service. The authorisation, to use a service is based on multiple information which came from the user’s home organisation (reliability of the information), Helmholtz ID or other sources.

See here how to do the most important steps:

In all cases: If anything breaks, check FAQ, or contact us.

What’s the difference between Helmholtz ID and Helmholtz AAI?

Helmholtz ID is the central service that enables unified user and group management across Helmholtz and beyond. This is technically and procedurally implemented by the underlying Authentication and Authorization Infrastructure (AAI) which is set up and maintained by HIFIS.

For a high-level representation, have a look at the Helmholtz ID / AAI Homepage on hifis.net.

Further information

Here we describe all you need to know about registering a Virtual Organisation (VO), details of managing groups in VOs, registering a service, joining as an identity provider, or using the Helmholtz ID capabilities to authorise users and user groups for fine-grained access to your service(s), and more (see menu).

We further describe our goals, technology, and policies, and give further organisational information (see menu).

Goals

The goal of Helmholtz ID is to enable stakeholders with a Helmholtz background to accomplish several tasks:

  • Enable the participating Helmholtz Centres to provide services to well defined sets of federated users, based on solid authentication and authorisation.
  • Enable Principal Investigators (VO Managers) at Helmholtz Centres to allocate resources on behalf of their group (VO) and to manage the authorisation for the members of their VOs.
  • Enable global researchers to use services provided by Helmholtz Centres, provided they are collaborating with Helmholtz, properly authorised, and their identity is adequately verified.
  • Align with European activities that focus around the European Open Science Cloud (EOSC).

Mailinglists for Helmholtz AAI

These lists are used in the Helmholtz AAI:

Public
Moderated

Need help?

Contact us if you need help.