OpenAthens Local Authentication (OpenAthens LA, or OALA) enables your users to access resources in a federation. It interacts with your local data repository and authentication systems to facilitate access to online resources by your end users. In SAML terms OpenAthens LA is an Identity Provider (IdP).
OpenAthens LA has two main components, the Runtime and an Administration Console. The Runtime performs authentications and responds to Service Providers when your users request access. The Administration Console is used to configure the Runtime and access Statistics, Diagnostics and Auditing information.
The Administration Console is a browser based application that enables your administrators to configure how users are authenticated, where to retrieve user data from, the federations you connect to and what information about your users is shared with Service Providers. The Administration Console publishes the configuration to the runtime and also provides a view of statistics, logs and diagnostic tools. User data would typically be retrieved from an Active Directory or other LDAP server, but OpenAthens LA can be configured to use other sources such as relational databases or student registration systems.
OpenAthens LA works with many federations, including:
- UK Access Management Federation (UKAMF) (United Kingdom)
- eduID.cz (Czech federation)
- GakuNin (Japan)
- DFN-AAI (Germany)
- RENATER (France)
- SWITCHaai (Switzerland)
OpenAthens LA can also be configured to connect to individual Service Providers on a one to one basis, such as a VLE or Google Apps.