Author: Rolf Brugger

New simplified edu-ID integration for organizations available now

The integration of the edu-ID previously required the implementation of two small software components on the university side:

    1. the linking service with which the edu-ID account of a person is linked to the internal account at the university,
    2. and the attribute synchronization with which the university manages the affiliations in the edu-ID accounts.

A new integration method is now available that does not require the development and operation of software at the university. Continue reading “New simplified edu-ID integration for organizations available now”

SWITCH edu-ID continues to grow

Last week the 600’000th member of the Swiss academic community registered for a SWITCH edu-ID account.

SWITCH is pleased to see an increased adoption of this service, as currently more than 1000 accounts are opened up per day.

Of course, this fact was again a good reason for a short break at the SWITCH offices, with a tasty cake once more.

 

 

edu-ID for Private Library Customers

It is with great pleasure that we can report the next milestone in the development of the SWITCH edu-ID.

As you know, most of the Swiss university libraries launched the joint library platform Swisscovery in December last year. All university members can log in to Swisscovery exclusively with edu-ID.

However, many libraries have a service mandate not only for universities but also for private users. This means that authorisation via edu-ID had to be extended so that users who are not enrolled at a university can also use library resources.

Continue reading “edu-ID for Private Library Customers”

SPNEGO (Kerberos) authentication with SWITCH edu-ID

Back in 2016, Daniel Lutz showed how the Shibboleth IdP can offer a real SSO feeling by reusing an already existing authentication token on domain-joined windows clients. SWITCH has now extended this concept in order to offer it to all organisations that have migrated to the SWITCH edu-ID.

Continue reading “SPNEGO (Kerberos) authentication with SWITCH edu-ID”

swisscovery going live brings the SWITCH edu-ID to its limits for about two hours

Today, with the going live of SLSP we have seen quite a few thousands SWITCH edu-ID accounts being created. This amount was considerably more than we have seen in the past. While the SWITCH edu-ID infrastructure kept working for those who had created their account already before, some users who created their account today before noon, had to wait a couple of minutes until their account was ready to be used to log into swisscovery.

We apologise for this inconvenience and ask our customers to try again.

Starting from around 12:10 today, operation goes smoothly again, meaning that newly created accounts can be used for login right away.

Here’s a couple of pictures to show what actually happened:

New record of accounts created per day

Number of phone number verifications compared to the days before

Synchronisation of one of the slave lagging behind between 10:00 and 12:10

We thank our customers for their patience within this period of time. In case someone created more than one account – while assuming that a second one might work better – we strongly recommend to merge these two accounts back again.

Do you have question? Please contact us at eduid-support@switch.ch

Quarter million reached

Two and a half weeks before the semester start, a message went through the SWITCH internal chat saying that the 250’000th SWITCH edu-ID account had just been created! We actually assumed that this would happen only a few weeks later. However, apparently many new students from universities that have already adopted the SWITCH edu-ID, recently created their proper edu-ID account. This went so smooth that we didn’t even notice it, at least not from the number of tickets in our end user support queue, which showed only a minimal increase.

250’000 accounts cake

But this was not the only record to celebrate. On the second day of the new semester, 1594 new accounts were created within 24 hours. This number is 40% higher than the old record from exactly one year ago.

We have indeed been very busy in these last weeks increasing the scalability of the SWITCH edu-ID service and its components. The most important component is the IdP, as it has to be up and running 24×7, regardless of the load that the end users bring when logging in to their services. I’m very happy and relieved that this service could be put behind a load balancer, and that it received a twin worker node to start with. More such worker nodes can from now on easily be added if necessary. With this scalability increase, our infrastructure was able to stand the load increase that came along with the semester start, see the figure:

Load increase at semester start on 14.9.2020

We are hoping that our service will continue to run so smoothly and we will do whatever is necessary in order to keep up with the increasing demands of our user.

Applying for Medical School using SWITCH edu-ID

Anyone wishing to begin studying human medicine, dentistry, veterinary medicine or chiropractic must register online with swissuniversities.

Since this year, authentication is exclusively done with SWITCH edu-ID on the Medon registration platform. Thus Medon uses a unique feature that was introduced with edu-ID in the Swiss AAI federation: anyone can create an edu-ID account and use it in the context of academic services.

Continue reading “Applying for Medical School using SWITCH edu-ID”

eduroam goes edu-ID

eduroam.ch launch, with cake

eduroam is the well known and widely used, worldwide high-performance wifi access service from GÉANT. Eduroam profiles for a large variety of end user devices are now also available on the eduroam.ch portal.

Today, on 1st December 2019, the eduroam.ch service enters its pilot phase. Within the four months to come, SWITCH will find out whether this enduser-friendly service actually responds to a need of the Universities or not. eduroam.ch uses your SWITCH edu-ID for authentication, and lets you download a profile for each of your devices in a user-friendly way. These profiles are somewhat special in that they solve a typical BYOD problem. Today’s profiles obtained by eduroam.ch won’t connect you to inner V-LANs, but only to a generic or “guest” V-LAN, as on any other Campus.

Two Universities joined the pilot already right at the beginning. Others, as well as further organisations like e.g. Alumni associations, may join during the whole pilot phase until 31. March 2020. Participation in the pilot is free, and Universities can use this service in parallel to their specific existing eduroam profiles and infrastructure.

Organisation wanting to join, contact us at eduroam-support@switch.ch. The same contact point answers also all further questions you may have about the service.

100’000 edu-ID accounts!

644A8544-mit-Rolf

In the late evening of February 25th, a prospect student registered at ZHAW and thus created a personal SWITCH edu-ID account. This account turned out to be number 100’000 !

The SWITCH edu-ID team is very happy to see an increasing uptake of this new service. It is user-centric and centrally managed. It is assisting the universities and their IT departments in their daily work.

On every day in the past few months, about 200 new edu-ID accounts have been created on average. About 40% of the users actually link their edu-ID with their AAI account provided by university.

Btw: the prospect student has not yet responded to our call, so we couldn’t share this cake with her yet.

University of Lucerne – the edu-ID Pioneer!

On February 1st 2019 the University of Lucerne has made a big step. It is the first university that has completely switched over to the SWITCH edu-ID. All their roughly 4000 members use now their own secure, long-lived and user-centric SWITCH edu-ID account to access services relevant to the Swiss academic community.

The introduction of the edu-ID heralds a paradigm change in identity management for Swiss higher education. Users are getting more control over their personal data whereas universities can optimize their identity management processes. Fortunately, despite the fundamental architectural change, the impact on users is moderate.

“The migration to SWITCH edu-ID on 1 February 2019 went smoothly. Smaller problems after the migration were solved very quickly by SWITCH. Despite some obstacles in the course of the project, SWITCH provided us with competent support and assistance at all times.”
Marco Antonini, Head of IT

The first preliminary talks between University of Lucerne and SWITCH on edu-ID were held in September 2017. The idea behind the SWITCH edu-ID and, above all, the opportunities it offers in the future convinced the university right from the start. So they decided to change over relatively early. An important prerequisite, central user administration, was already in place, so that the concrete planning could be started.

As integration approach linking at registration was chosen for new students, and linking after admission for current members and future staff. With the integration of edu-ID in the organisational IT and the equipment of all members with an edu-ID identity the university has reached an important milestone. In a second step, further groups will be adressed namely alumni, auditors and further education students.

As the first organisation that completely changes over to SWITCH edu-ID, the university of Lucerne writes history. It can be rightfully proud of this achievement!

Technical Accounts

“Thou shalt not have more than one SWITCH edu-ID user account!” this is one of the commandments in the edu-ID terms of use. It originates from a need of the organizations to be able to unambiguously assign an edu-ID account to one person. But what can an organization or service operator do if it needs a special edu-ID account, e.g. for testing?

Continue reading “Technical Accounts”