Using External Credentials for Paid spaces
For paid spaces, Secure Space supports users without PennKey credentials:
See http://www.incommonfederation.org/participants/ for a list of InCommon institutions and http://www.protectnetwork.org/ for information about ProtectNetwork.
- External users from institutions belonging to the InCommon Federation (which includes nearly 300 members from higher ed, government, non-profit, research, and commercial partners) can log in with their home institution credentials.
- External users who do not have a username and password from an InCommon institution or whose institution's login system is not compatible with Penn WebLogin can register for a free username and password from ProtectNetwork, an InCommon partner.
How authorization/authentication with external credentials works
Once a faculty or staff member ("space owner") has created a paid space, he or she can invite collaborators from Penn and other institutions to become "members" of that space. Invitations are sent from within the application to a trusted email address for each collaborator. External collaborators are asked to register their home institution or ProtectNetwork login ID and other information with Penn within seven days. Login IDs of registered Secure Space users are stored in PennGroups.
When logging in, users are presented with a screen offering a PennKey option and a dropdown list from which external users can select their InCommon institution or ProtectNetwork. Depending on what they select, external users are then presented with their home institution's authentication screen, the ProtectNetwork authentication screen, or, if they did not register with Penn, an error message with followup information.
Potential issue with InCommon credentials
Not all InCommon institutions will automatically pass authentication information to other InCommon institutions. In such cases, registered external users will not see their home institution's authentication screen. Instead, they will receive an error message advising them to contact their own institution's IT staff or to create a ProtectNetwork account. There is a link to ProtectNetwork in the error message.
Last updated: Monday, May 2, 2011