UK Access Management Federation
for Education and Research
The UK federation is operated by Jisc and provides a single solution to accessing online resources and services for education and research. Here is some information on how it works and its benefits.
Eligible organisations are invited to join the current membership.
Latest news
Shibboleth Identity Provider Security Advisory with new minor version release
Posted on Thursday, 28 August 2025
The UK federation recommends adhering to best practices by routinely managing patches for your IdP environment. This includes subscribing to future security notifications:Shibboleth Announce.
Following the recent security advisory from the Shibboleth Consortium regarding the IdP, you should update your Identity Provider software to version 5.1.6 (or later) at your earliest convenience. Although the affected code path is likely not in use by the UK federation userbase, updating will help mitigate any potential exploits.
As ever, please ensure your software versions are patched promptly. If you have any questions or queries then please do contact the UK federation service desk
Audience
While this advisory is directed only at operators of the Shibboleth IdP rather than other entities within the UK federation, it is good practice to be subscribed to the appropriate mailing lists for any software you operate in order to stay abreast of the need for updates.
FAM 25 Presentations
Posted on Tuesday, 8 July 2025
We hope you enjoy the slide presentations and some recordings from the FAM 25 event held in Manchester on July 2nd 2025.
They include:
Shibboleth Identity Provider Security Advisory
Posted on Monday, 31 March 2025
The UK federation recommends adhering to best practices by routinely managing patches for your IdP environment. This includes subscribing to future security notifications:Shibboleth Announce.
Following the recent low-level security advisory from the Shibboleth Consortium regarding the IdP, you should update your Identity Provider software to version 5.1.4 (or later) at your earliest convenience. Although the affected code path is likely not in use by the UK federation userbase, updating will help mitigate any potential exploits.
Please ensure your software versions are patched promptly. If you have any questions or queries then please do contact the UK federation service desk