The Perun AAI

User administration and controlling access to services

Standard Services

The basic features

Research communities composed of individuals from multiple organizations often face challenges in managing access to shared services. Access control within users' home organizations is impractical because these systems do not account for users from other institutions. Managing access directly on services requires defining user groups across multiple locations, which complicates consistency and maintenance.

The European initiative AARC (Authentication and Authorisation for Research and Collaboration) addressed this issue through the AARC Blueprint Architecture. The Perun Authentication and Authorization Infrastructure, developed jointly by CESNET and Masaryk University, implements this architecture and is employed in various national and international research e-infrastructures.

The AAI connects with academic identity federations through the international eduGAIN network, allowing management of users from academic organizations outside the Czech Republic.

For organizations, the AAI simplifies managing access to their services, even for users from other organizations.

For individuals, it means one account can grant access to many services, and their identity stays consistent across institutions, e.g. when moving from a university to a research institute.

Key features of the Perun AAI include:

  • Managing user logins
  • Authenticating users' identities with their home organizations
  • Combining logins across multiple home organizations into a single account
  • Managing users and user groups through virtual organization management with rules for membership creation and termination
  • Controlling access to services for administrators
  • Data provisioning via standard OIDC, SAML2, LDAP, VOOT, SCIM protocols, and custom push mechanisms
  • Synchronization with external Identity Management systems

The Perun AAI facilitates seamless identity management across multiple organizations, allowing users to maintain a single account and easily transition between institutions while accessing a broad range of services.

  • Single sign-in access to services through a single user account
  • Independent user management without having to contact the administrator of the e-infrastructure

The Perun AAI is for organizations that meet the Terms and conditions for the access to the CESNET e-infrastructure, and for individuals who comply with the Conditions for access to e-INFRA CZ infrastructure.

The service is available for free to the CESNET Association members and organizations connected to the CESNET e-infrastructure.
