Identity provider proxies allow the hub-and-spoke federation to appear as a full mesh, at least for the purposes of IdP discovery. This means that service providers can make use of local discovery and see a list of individual SAFIRE identity providers rather than seeing a single entry for the whole federation. In turn, this eliminates the “double discovery” problem for service providers that use local discovery to select amongst a number of different federations (e.g. sites that use DiscoJuice or derivatives). Instead of clicking through two discovery interfaces (local to select the federation, central to select the IdP), end users can select their identity provider directly at the SP. …

The Danish e-Infrastructure Cooperation (DeiC) published an article about our collaboration with WAYF, the Danish identity federation. The article is available on the DeiC website at https://www.deic.dk/node/682?language=en.

The late 2015, the SAFIRE steering committee approved a proposal to collaborate with the Danish federation, WAYF. The intent was to gain insight and experience from the Danes, in the hopes of spring-boarding our own federation into production. As part of this collaboration, the newly appointed Project Director will spend a week at WAYF’s offices in Denmark before travelling to REFEDS 32 and TNC16. During this visit, he will be exposed to all aspects of WAYF’s operations — technical, policy, and governance. …