Home page
AARC-G100

AARC-G100 Guidelines for Establishing Trust between AARC-compliant AAI services using OpenID Federation

This specification provides guidance for enabling interaction and establishing trust among AARC-compliant proxies that implement OAuth 2.0 Authorization Servers (AS) and Resource Servers (RS) residing in distinct domains. These interactions are facilitated through trusted third parties referred to as Trust Authorities, which are entities issuing authoritative statements about entities that participate in an identity federation. The federation uses OpenID Federation. This document is intended for operators and implementers of AAI services and defines two trust profiles: G100.1 (Basic Trust Model), specifying the minimum requirements for establishing trust between proxies using OpenID Federation trust chains, and G100.2 (Fine-Grained Trust Model), which extends the basic model with policy-based trust through the use of Trust Marks and metadata policies.

Document URLhttps://docs.google.com/document/d/1i-SblN6e5Uaw7iJQUBRXZzyf-RTae38nq7mR-6nyFlE/edit
Status: Final Call (presented to AEGIS on 10 November 2025)
DOIPending
Errata: none
Supersedes: none

aarc-contacts@lists.geant.org

Linkedin Twitter Youtube

© members of the AARC Community. 

The AARC name and AARC logo are © GÉANT Vereniging 2014-2024
 
The work leading to these results has received funding from the European Union (GAP 101131237) and other sources. The contents of this publication is the sole responsibility of AARC and does not necessarily reflect the opinion of the European Union.

Skip to content