Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Now whilst that is exactly what it is, saying it that way probably only clarifies things to a few hundred people on the planet somewhat specialised group of people (several of whom I can see from my desk) so I'll break it down some more. Feel free to jump ahead to the next section though.

An organisation discovery service is used in a federation situation when a person needs to tell a service where to send them to sign in.

Expand
titleWhat is a federation?

A federation is where services and organisations divide responsibilities for the end users (it could  be applications and corporations, publishers and institutions, etcalmost anything). The services know what an organisation's user should be able to access, and the organisations know which people are theirs and can specify any relevant differences. Federated access management is basically a way for an an organisation to confirm to a service that a person is eligible to access under the any agreement between them (and stop that access when the person leaves the organisation).

In the early days of federated access management, the service being accessed had little choice but to create their own discovery service. As you can imagine, these could vary - some were a list of subscribing organisations, some were searchable (which was goodbetter UX) and some expected the user to know the name of the federation their home organisation was in (not so goodbetter UX). Each worked... but each worked differently. 

Some federations provided a central discovery service for their federation, which helped but this was only of practical use for services that were only in that one federation, and the popular services were in several federations - some in 30 or more than 40 national federations - so there was still lots of diversity (but not the good kind).

What was needed was a discovery service that covered multiple federations - i.e. a some kind of universal discovery service. 

What does

...

Wayfinder mean for an end-user?

For the end-user it Wayfinder provides a consistent discovery experience over all the resources that use it. Depending on settings it can even remember the users' home organisation across services.  There's more on this in the OpenAthens Wayfinder UX page.

What does

...

Wayfinder mean for a service (e.g. publisher)?

For services it provides a discovery service that works for as many SAML federations as the service provider is a member of - there is no need to maintain your own discovery service and no need to present potentially confusing choices to the end user. Wayfinder automatically filters for only the organisation that are in the same federation(s) as the referring service provider and has the potential to be even more discerning. There's more about the how in the Enabling OpenAthens Wayfinder pages.

...