Helmholtz ID / AAI¶

This is the technical and administrative documentation on Helmholtz ID / AAI.

How to do the basic steps in Helmholtz ID / AAI¶

In a decentralized, networked model of cloud services known as federated cloud, the federated Authentication and Authorization Infrastructure (Helmholtz AAI) plays a crucial role. Proper usage of this system requires a few key steps and some foundational knowledge to avoid common pitfalls.

See here how to do the most important steps:

A) As a user: How to log in to cloud services
B) As a user being invited to a group: How to join a group (VO)
C) As a group leader/PI: How to create and manage a group (VO)

In all cases: If anything breaks, check FAQ, or contact us.

What’s the difference between Helmholtz ID and Helmholtz AAI?¶

Helmholtz ID is the central service allowing unified user and group management for Helmholtz and beyond. It is technically and procedurally accomplished by the underlying Authentication and Authorisation Infrastructure (AAI) that is set up and maintained by HIFIS.

For a high-level representation, have a look at the Helmholtz ID / AAI Homepage on hifis.net.

Helmholtz ID Logo

Further information¶

Here we describe all you need to know about registering a Virtual Organisation (VO), details of managing groups in VOs, registering a service, joining as an identity provider, or using the Helmholtz ID capabilities to authorise users and user groups for fine-grained access to your service(s), and more (see menu).

We further describe our goals, technology, and policies, and give further organisational information (see menu).

Goals¶

The goal of Helmholtz ID is to enable stakeholders with a Helmholtz background to accomplish several tasks:

Enable the participating Helmholtz Centres to provide services to well defined sets of federated users, based on solid authentication and authorisation.
Enable Principal Investigators (VO Managers) at Helmholtz Centres to allocate resources on behalf of their group (VO) and to manage the authorisation for the members of their VOs.
Enable global researchers to use services provided by Helmholtz Centres - given they are properly authorised and their identity is adequately understood.
Align with European activities that focus around the European Open Science Cloud (EOSC).