Skip to content

Our services

Network
Computing
Data storage
Security
Multimedia
Identity

Individual services Services are directly accessible to all students, researchers, academics, and university staff.

MetaCentrum
FileSender
ownCloud
Meetings

Useful links

Current backbone load
Speedtest IPv4
Speedtest IPv6
Looking Glass
search
cz

Service Catalogue Identity The Perun AAI

The Perun AAI

User administration and controlling access to services.

Support
Standard ServicesStandard Services
More information

Basic features

Research communities composed of individuals from multiple organizations often face challenges in managing access to shared services. Access control within users' home organizations is impractical because these systems do not account for users from other institutions. Managing access directly on services requires defining user groups across multiple locations, which complicates consistency and maintenance.

The European initiative AARC (Authentication and Authorisation for Research and Collaboration) addressed this issue through the AARC Blueprint Architecture. The Perun Authentication and Authorization Infrastructure, developed jointly by CESNET and Masaryk University, implements this architecture and is employed in various national and international research e-infrastructures.

The AAI connects with academic identity federations through the international eduGAIN network, allowing management of users from academic organizations outside the Czech Republic.

For organizations, the AAI simplifies managing access to their services, even for users from other organizations.

For individuals, it means one account can grant access to many services and keep the identity consistent across different institutions, e.g. for moving from a university to a research institute.

Key features of the Perun AAI include:

  • Managing user logins
  • Authenticating users' identities with their home organizations
  • Combining logins across multiple home organizations into a single account
  • Managing users and user groups through virtual organization management with rules for membership creation and termination
  • Controlling access to services for administrators
  • Data provisioning via standard OIDC, SAML2, LDAP, VOOT, SCIM protocols, and custom push mechanisms
  • Synchronization with external Identity Management systems

The Perun AAI facilitates seamless identity management across multiple organizations, allowing users to maintain a single account and easily transition between institutions while accessing a broad range of services.

Perun
Key benefits
  • Single sign-in access to services through a single user account
  • Enables managing users independently without having to contact the administrator of the e-infrastructure
Who is the service for?
Pricing

The service is available for free to the CESNET Association members and organizations connected to the CESNET e-infrastructure.

Didn't find what you were looking for?

Contact us

Request service "The Perun AAI"

Max attachment size 20MB

Upload files
By submitting this message, you agree to the processing of your personal data.