It is with great pleasure that we can report the next milestone in the development of the SWITCH edu-ID.
As you know, most of the Swiss university libraries launched the joint library platform Swisscovery in December last year. All university members can log in to Swisscovery exclusively with edu-ID.
However, many libraries have a service mandate not only for universities but also for private users. This means that authorisation via edu-ID had to be extended so that users who are not enrolled at a university can also use library resources.
Back in 2016, Daniel Lutz showed how the Shibboleth IdP can offer a real SSO feeling by reusing an already existing authentication token on domain-joined windows clients. SWITCH has now extended this concept in order to offer it to all organisations that have migrated to the SWITCH edu-ID.
For more than 15 years, the SWITCHaai federation was entirely based on the SAML protocol. SWITCH is happy to announce that as of March 1st 2021 the edu-ID identity provider (IdP) officially also supports OpenID Connect.
Today, with the going live of SLSP we have seen quite a few thousands SWITCH edu-ID accounts being created. This amount was considerably more than we have seen in the past. While the SWITCH edu-ID infrastructure kept working for those who had created their account already before, some users who created their account today before noon, had to wait a couple of minutes until their account was ready to be used to log into swisscovery.
We apologise for this inconvenience and ask our customers to try again.
Starting from around 12:10 today, operation goes smoothly again, meaning that newly created accounts can be used for login right away.
Here’s a couple of pictures to show what actually happened:
We thank our customers for their patience within this period of time. In case someone created more than one account – while assuming that a second one might work better – we strongly recommend to merge these two accounts back again.
Two and a half weeks before the semester start, a message went through the SWITCH internal chat saying that the 250’000th SWITCH edu-ID account had just been created! We actually assumed that this would happen only a few weeks later. However, apparently many new students from universities that have already adopted the SWITCH edu-ID, recently created their proper edu-ID account. This went so smooth that we didn’t even notice it, at least not from the number of tickets in our end user support queue, which showed only a minimal increase.
But this was not the only record to celebrate. On the second day of the new semester, 1594 new accounts were created within 24 hours. This number is 40% higher than the old record from exactly one year ago.
We have indeed been very busy in these last weeks increasing the scalability of the SWITCH edu-ID service and its components. The most important component is the IdP, as it has to be up and running 24×7, regardless of the load that the end users bring when logging in to their services. I’m very happy and relieved that this service could be put behind a load balancer, and that it received a twin worker node to start with. More such worker nodes can from now on easily be added if necessary. With this scalability increase, our infrastructure was able to stand the load increase that came along with the semester start, see the figure:
We are hoping that our service will continue to run so smoothly and we will do whatever is necessary in order to keep up with the increasing demands of our user.
Anyone wishing to begin studying human medicine, dentistry, veterinary medicine or chiropractic must register online with swissuniversities.
Since this year, authentication is exclusively done with SWITCH edu-ID on the Medon registration platform. Thus Medon uses a unique feature that was introduced with edu-ID in the Swiss AAI federation: anyone can create an edu-ID account and use it in the context of academic services.
eduroam is the well known and widely used, worldwide high-performance wifi access service from GÉANT. Eduroam profiles for a large variety of end user devices are now also available on the eduroam.ch portal.
Today, on 1st December 2019, the eduroam.ch service enters its pilot phase. Within the four months to come, SWITCH will find out whether this enduser-friendly service actually responds to a need of the Universities or not. eduroam.ch uses your SWITCH edu-ID for authentication, and lets you download a profile for each of your devices in a user-friendly way. These profiles are somewhat special in that they solve a typical BYOD problem. Today’s profiles obtained by eduroam.ch won’t connect you to inner V-LANs, but only to a generic or “guest” V-LAN, as on any other Campus.
Two Universities joined the pilot already right at the beginning. Others, as well as further organisations like e.g. Alumni associations, may join during the whole pilot phase until 31. March 2020. Participation in the pilot is free, and Universities can use this service in parallel to their specific existing eduroam profiles and infrastructure.
Organisation wanting to join, contact us at email@example.com. The same contact point answers also all further questions you may have about the service.
Less than 8 months after reaching 100’000 accounts, the SWITCH edu-ID can already celebrate its 150’000st account! Of course, we got a cake (again!) and of course, we took a picture (again!). Around the start of the semester in September, we have seen days where more than 1000 persons registered their SWITCH edu-ID!
In the late evening of February 25th, a prospect student registered at ZHAW and thus created a personal SWITCH edu-ID account. This account turned out to be number 100’000 !
The SWITCH edu-ID team is very happy to see an increasing uptake of this new service. It is user-centric and centrally managed. It is assisting the universities and their IT departments in their daily work.
On every day in the past few months, about 200 new edu-ID accounts have been created on average. About 40% of the users actually link their edu-ID with their AAI account provided by university.
Btw: the prospect student has not yet responded to our call, so we couldn’t share this cake with her yet.
On February 1st 2019 the University of Lucerne has made a big step. It is the first university that has completely switched over to the SWITCH edu-ID. All their roughly 4000 members use now their own secure, long-lived and user-centric SWITCH edu-ID account to access services relevant to the Swiss academic community.
The introduction of the edu-ID heralds a paradigm change in identity management for Swiss higher education. Users are getting more control over their personal data whereas universities can optimize their identity management processes. Fortunately, despite the fundamental architectural change, the impact on users is moderate.
“The migration to SWITCH edu-ID on 1 February 2019 went smoothly. Smaller problems after the migration were solved very quickly by SWITCH. Despite some obstacles in the course of the project, SWITCH provided us with competent support and assistance at all times.”
Marco Antonini, Head of IT
The first preliminary talks between University of Lucerne and SWITCH on edu-ID were held in September 2017. The idea behind the SWITCH edu-ID and, above all, the opportunities it offers in the future convinced the university right from the start. So they decided to change over relatively early. An important prerequisite, central user administration, was already in place, so that the concrete planning could be started.
As integration approach linking at registration was chosen for new students, and linking after admission for current members and future staff. With the integration of edu-ID in the organisational IT and the equipment of all members with an edu-ID identity the university has reached an important milestone. In a second step, further groups will be adressed namely alumni, auditors and further education students.
As the first organisation that completely changes over to SWITCH edu-ID, the university of Lucerne writes history. It can be rightfully proud of this achievement!
As a university member you usually have a unique role – you are either student, or teacher, or staff. In not so rare cases, however, a person has several roles at the same time, e.g. as a student and employee. How do universities deal with this situation today in SWITCHaai, and how is it covered in SWITCH edu-ID?