Skip to content

IAM4NFDI Logo

NFDI Infrastructure Proxy#

The Infrastructure Proxy is used to connect services that address cross-community use cases, i.e. to make services available to users from the entire NFDI. Accoring to the NFDI-AAI Architecture, the Infrastructure Proxy is supposed to be connected to all Community AAI instances. It therefore brings together user information from different sources: - Home IdPs from Identity Federations (DFN-AAI and eduGAIN) - ORCID and Social Login - DFN edu-ID - Guest IdPs - VO membership and resource capability information (Community AAIs)

The Infrastructure Proxy is operated by DFN-CERT on behalf of DFN. For all questions about the Infrastructure Proxy please contact the DFN-AAI hotline (see below).

Checklist for connecting services to the Infrastructure Proxy#

Technical Aspects#

  • Make sure that the service supports and is able to consume the Community Attribute Profiles specified in the current version of the Infrastructure Attribute Policy
  • The connection to the infra proxy is always established via OpenID Connect:

Data Protection, Formal Aspects#

  • Please provide at least a German privacy statement for the service. There are German and English templates available as part of the NFDI-AAI policy framework
  • As part of the policy framework, there are also templates available for Service Acceptable Use and Service Access Policies, which are both optional. If you’re planning to make use of such documents, please let us know.
  • Provide a security contact for the service and register the email address with the NFDI-AAI Security List, which is used as incident response information channel.
  • As official operator of the Infrastructure Proxy, the DFN acts as data processor (“Auftragsverarbeiter”) for the operator of the service. A ready-made Data Processing Agreement (“Auftragsverarbeitungsvereinbarung”) exists for this purpose. The DFN-Team takes care of the paperwork.

Contact information#

Last change: Apr 24, 2025 09:07:34