AARC’s Policies and Guidelines are a compilation of best practices and recommendations set up to help Research and e-Infrastructures to implement a scalable and cost-effective policy and operational framework for integrated AAI. (ie, implement the AARC BPA in a secure and GDPR compliant way).

The Policies and Guidelines provide a common background to all Research and e-Infrastructures and enhance security through sharing of common practices.

Recommendations & best practices


Sirtfi provides a mechanism to identify trusted, operationally secure eduGAIN participants and facilitate effective incident response collaboration.


Snctfi identifies operational and policy requirements to help establish trust between an infrastructure and identity providers either in an R&E federation.

Policy Development Kit

This kit supports Research Infrastructures in adopting or enhancing a policy set that regulates the operation and use of an Authentication and Authorisation Infrastructure in line with the AARC Blueprint Architecture.


AARC Guidelines help communities and infrastructures to implement and operate an AAI for research and collaboration more effectively and in an interoperable way.

Use cases

By requiring that identity providers assert Sirtfi, RCAuth is able to issue trusted IGTF certificates accepted by major research infrastructures.

Training material

AARC Training has worked on policy-related materials.

News and articles

Final steps towards whitepaper on federated identity management for research (blog post, February 2018)