Every year, REFEDS undertakes a survey of global Federation Operators to get a sense of where we are as a community in supporting federated identity. 2018 was no exception, and the full results can be found on the REFEDS wiki. So what did we learn and what has changed in the four years since we started the survey?

Continuing Growth in Federations

REFEDS has always seen a yearly growth of education-based federations and this shows no sign of slowing down – showing a healthy interest and ongoing support for SAML as a basis for delivery. In 2016, the REFEDS survey saw 26 responses from 56 federations. In 2018, we received 43 responses from 74 known R&E identity federations. The majority of these federations continue to operate as “mesh” federations; that is fully distributed federations with no central hub.

2018 saw responses from 43 federations

Disparity in budgets impacts service

Federations are asked about their budget annually. In 2018, 72% of federations that responded have less than euro100K or do not have an allocated budget for their activity. This can be directly tied to the ability to serve the community requirements. Federations with a larger budget have been able to more quickly adopt new specifications and approaches such as Sirtfi and CoCo to support the research community. Other federations are struggling to add value and maturity within their current operational parameters. It is important to keep these metrics in mind when reviewing the success of federations in meeting community needs. This is also evident in the reports on staffing figures, which can be found in the full report.

The gap in federation budgets can be directly tied to uptake of specifications

Increase in managed service offers

There’s been a significant increase in federations offering managed services to Identity Providers and Service Providers. In 2017, only 28% of federations surveyed were offering central subscription services. For 2018, this has risen to 44%. A number of factors could be at play here, but this seems to reflect on the ability of organisations to have the skill-set in-house and shifting attitudes towards procurement vs provision within educational institutions.

The picture of services offered by Identity Federations is changing.

Slow but steady support for specifications

REFEDS reviews support for its specifications on an annual basis. We continue to see a slow but steady increase in support for REFEDS R&S and REFEDS Sirtfi, but a slight decrease in support for the GÉANT Code of Conduct (this is probably due to the upcoming v2 release of CoCo). Progress is still too slow to meet community needs – only 27 federations support Sirtfi and 30 support R&S. This is also reflected in the support by entities – 14.8% of eduGAIN IdPs support R&S and 12% support Sirtfi. More work is needed to significantly increase this status, despite the slow annual increase.

In this picture “MD” represents the actual figures shown in eduGAIN metadata vs the reported figures via the survey

Shift of focus away from development

Federations are asked to identify their top priorities on an annual basis. Over the years, we have seen a shift in focus away from developing and innovating in these responses and more attention paid to general operational support and support for entities. The exception is the repeated focus on OpenID Connect (OIDC) as federations consider how to integrate this technology with the current SAML offerings.

2018 Federation Top Priorities

Priorities in 2018 were Training and Support, Federation Operations, Promotions and Awareness, Small Upgrades, MFA and OIDC.

2017 Federation Top Priorities

Priorities in 2017 were OIDC, eduGAIN, MFA, Support and Self Service Portals.

Requirements for REFEDS

Finally, we ask each year if there are areas that Federations would like to see REFEDS address. There were no significant hot topics, but the following areas were mentioned:

  • Service Catalogue. REFEDS prepared a White Paper on service catalogue requirements and is now in consultation with the GN4 project as to how to deliver on these needs.
  • Federation Operations for OIDC. This requirement will be examined by the OIDC(re) Working group.
  • Training. REFEDS has a collection of training materials available but does not have a specific training plan. This will be discussed further with the community.
  • Discovery. REFEDS has been working with the RA21 group and will continue to collaborate with the efforts coming out of that group. REFEDS is also planning an update to its discovery guide.

The full report contains more details so please take a look if you are interested in a broader overview of the current state of Identity Federations in R&E.