1. A senior officer at an eligible organisation makes a formal application in writing to JANET(UK) to join the federation (full details) and agrees to be bound by the federation rules of membership.
2. JANET(UK) replies with an approval e-mail verifying contact details.

NB: Where an applicant intends to use an outsourced provider (see participation options), both the applicant and the external organisation providing the outsourcing service must become members of the federation and the management liaison of the requesting organisation must provide additional outsourced provider information.

Once an organisation has joined the federation, there are various options for participation.

In-house

Run and support identity management in-house.There are two options for following this route:

1. implement the technology wholly through the organisation.
2. implement the technology using a third party. This option is particularly useful for those organisations who do not have the internal resource or expertise to deploy the initial technical requirements but would like to maintain ultimate control of their user authentication.

Outsourced

Organisational identity management provision is handled by a third party.
The application process for outsourced IdPs will need to be followed if taking this route.

There are a variety of organisations who offer outsourced and/or in-house support services.

Schools

The recommended approach for schools is to join via the Local Authorities (England & Wales) or Regional Broadband Consortia in England, Classroom 2000 in Northern Ireland and Learning & Teaching, Scotland. However, schools may join the federation independently.

Entity registration

Once an organisation’s application for membership has been approved, and the option for participation determined, the organisation (or outsourced IdP/SP on behalf of the organisation) may register any number of identity provider and service provider entities.

Shibboleth 1.3

In order to install a Shibboleth 1.3 IdP or SP:

1. You install Shibboleth 1.3 IdP or SP software
2. You obtain a suitable X.509 server certificate
3. Your Management Liaison e-mails a registration request to the federation helpdesk to register Shibboleth 1.3 IdP or register Shibboleth 1.3 SP entities
4. You are sent an e-mail confirming that the technical description of each registered entity has been published in the federation metadata
5. You download the metadata and modify your Shibboleth configuration to match it (described in Setup 1.3 IdP or Setup 1.3 SP).

Details of Shibboleth 1.3 entity registration are available for the above steps.

Shibboleth 2

In order to install a Shibboleth 2 IdP or SP:

1. You install Shibboleth 2 IdP or SP software
2. You obtain a suitable X.509 server certificate
3. You make changes appropriate to your installation to the standard Shibboleth 2 configuration files, as described in set up Shibboleth 2 IdP or set up Shibboleth 2 SP
4. Your Management Liaison e-mails a registration request to the federation helpdesk to register Shibboleth 2 IdP or register Shibboleth 2 SP entities
5. You are sent an e-mail confirming that the technical description of your registered entity has been published in the federation metadata.

Details of Shibboleth 2 entity registration are available for the above steps.

Upgrading from Shibboleth 1.3 IdP to Shibboleth 2 IdP

Here is some documentation to assist those wishing to upgrade a Shibboleth 1.3 IdP installation to Shibboleth 2 IdP.

A diagram ( 447Kb) is available which summarises the steps to be carried out by technical and administrative staff when an organisation applies to join the UK federation.