InCommon Participation

In August 2010 the University of Hawaii joined the InCommon Federation. InCommon membership is a crucial step in expanding the utility of UH credentials (UH Username and passwords). InCommon provides a secure trust fabric for universities; government agencies, nonprofit laboratories and research centers; and sponsored commercial participants. With this trust fabric our UH credentials are the keys to an expanding universe of online resources.

For more information on the University of Hawaii, InCommon Participant Operational Practices: <InCommon Federation - POP>.


InCommon participants are either Identity Providers or Service Providers, or both. The University of Hawaii is an Identity Provider; we authenticate UH Usernames and passwords for Service Providers.  Service Providers provide services such as information access. We can confirm to any participating InCommon Service Provider that a person has correctly entered her UH Username and password once we’ve agreed on an attribute release policy for that Service Provider.

Protection of privacy is important. For sponsored commercial Service Providers the attribute release policy is designed to protect privacy. To accomplish this we release to each commercial Service Provider a unique identifier such that Service Providers cannot attempt to correlate a person’s activities across multiple Service Providers.

Campuses and departments may require support for InCommon Service Providers. Please email the IAM Group for assistance with setting up new attribute release policies. Please note that Service Providers generally require the following information:

  • Relaying Party: InCommon

  • Identity Provider EntityID (production): <https://idp.hawaii.edu/idp/shibboleth>

  • Identity Provider EntityID (test): <https://idp-test.its.hawaii.edu/idp/shibboleth>

  • IUV Administrator Email Address: <its-iam-help@lists.hawaii.edu>

  • Logout Redirect URL (production): <https://idp.hawaii.edu/logout.jsp>

The technology used by the InCommon Federation for hosting Identity and Services providers is based on the Internet2 Shibboleth software. The security protocol is SAML 2.0.

References: