UK Access Management Federation
for Education and Research
The UK federation is operated by Jisc and provides a single solution to accessing online resources and services for education and research. Here is some information on how it works and its benefits.
Eligible organisations are invited to join the current membership.
Latest news
Invitation for collaboration on the REFEDS Assurance Framework
Posted on Wednesday, 25 February 2026
We invite organisations, particularly those involved in research-intensive institutions but not limited to them, that may have an interest in the REFEDS Assurance Framework to get in touch with us for further discussion. If you are unsure about how this framework applies to your organisation or need to explore its relevance more thoroughly, we encourage you to investigate internally. Your insights are invaluable as we work together to enhance assurance practices in our communities.
Guidance
It may not be possible for a central IdP operator to be aware of all the use-cases that their IdP supports – particularly regarding some emerging scenarios around access to sensitive research systems.
One way to get a hint as to whether your users may require the use of this framework in the future is to check your authentication logs for interactions with a given set of services which we’ve identified as likely to need such changes soon. The list is below.
Shibboleth Identity Provider
If you’re using the Shibboleth Identity Provider then you may be able to check your logs by interrogating the idp-audit log.
- Linux → https://www.ukfederation.org.uk/content/Documents/IdPBasicReporting
- On Windows → https://www.ukfederation.org.uk/content/Documents/IdPBasicReportingWindows
Data review
You should check for the prevalence of these Service Provider entityIDs:
- https://federation.nih.gov/FederationGateway
- https://proxy.myaccessid.org/metadata/backend.xml
- https://safe.epcc.ed.ac.uk/shibboleth
- https://aai.egi.eu/proxy/module.php/saml/sp/metadata.php/sso
- https://cilogon.org/shibboleth
- https://iris-iam.stfc.ac.uk/sp-entityID
- https://sp-proxy.cern.ch/saml2sp/saml2_backend.xml
- https://b2access.eudat.eu:8443/unitygw/saml-sp-metadata
- https://orcid.org/saml2/sp/1
- https://aai.openaire.eu/proxy/module.php/saml/sp/metadata.php/sso
- https://safari.data-archive.ac.uk/shibboleth-sp
If you notice use of these services then you should investigate further. If possible, interrogate your logs further to ascertain which users are making use of these services and enquire as to their use-cases. You can also make contact with us (via service@ukfederation.org.uk) to assist. read more...
UK federation update December 2025
Posted on Wednesday, 3 December 2025
Service desk closure for Christmas break 2025-2026
As with most areas of Jisc, the UK federation service desk will be taking an extended break over Christmas and New Year. The helpdesk will be unavailable from 12:00 on Wednesday 24 December 2025, and will reopen at 09:00 on Monday 5 January 2026. If you submit a request to service@ukfederation.org.uk during this period, your email will be logged, but we won't be able to respond until we return.
Please note that any metadata changes need to be submitted by 18 December to be considered for publication; otherwise, they will be addressed from 5 January 2026 onwards.
UK federation metadata will be automatically re-published over the holiday period. While we won't make changes to UK federation-registered entities, there may be updates due to entities imported via eduGAIN. read more...
Shibboleth Identity Provider Security Advisory with new minor version release
Posted on Thursday, 28 August 2025
The UK federation recommends adhering to best practices by routinely managing patches for your IdP environment. This includes subscribing to future security notifications:Shibboleth Announce.
Following the recent security advisory from the Shibboleth Consortium regarding the IdP, you should update your Identity Provider software to version 5.1.6 (or later) at your earliest convenience. Although the affected code path is likely not in use by the UK federation userbase, updating will help mitigate any potential exploits.
As ever, please ensure your software versions are patched promptly. If you have any questions or queries then please do contact the UK federation service desk
Audience
While this advisory is directed only at operators of the Shibboleth IdP rather than other entities within the UK federation, it is good practice to be subscribed to the appropriate mailing lists for any software you operate in order to stay abreast of the need for updates.