Login providers

Using Dataporten, you probably want to authenticate people using your service. Through Dataporten you can enable several login providers. You - as a service provider - decide which login providers your service should accept.

Here you will find more information about the different login providers, how to enable them and when to enable them.

In Dataporten Dashboard you can enable the following login providers for your service:

Which login providers should you enable?

You need to make sure all your users are able to log in to your service, but you should probably not enable all login providers. That will just make your users confused.

Guidelines on enabling login providers

  • When your users are students, researchers, teachers or other employees in Norwegian education: Enable Feide login.
  • If you need to identify and authenticate users outside the education sector (i.e. parents, alumni): Enable ID-porten login.
  • When your users are international students, researchers or teachers/employees: Enable eduGAIN login.
  • If some of your users come from outside of the education sector, and all you need is a way to recognize them and link them to a user account, you should enable guest user login. Dataporten provides several guest user solutions: Twitter, Facebook, LinkedIn and Feide guest users.
  • During development and test phase, you can enable Feide test users. Be sure to disable before moving on to production environment.

Enabling login providers in Dashboard

When registering your service in the Dataporten Dashboard, you will enable login providers on the page “Login providers”:

Login providers screenshot

If you enable all login providers, this is what your users will see the first time they log in:

Login providers screenshot enabling all

How to enable Feide login

If your users are students, researchers, teachers or other employees in Norwegian education, you probably want to enable Feide login. In Dashboard, you will enable “Utdanningssektoren”. Be sure not to mix up with “Feide gjestebrukere” or “Feide testbrukere”.

Login providers screenshot enabling Feide

If your service should accept logins only from primary schools, secondary schools or higher education, or just specific schools, you will configure this as well in Dashboard:

Login providers screenshot enabling only certain schools

This will allow logins from Tromsø kommune, Univeritetet i Bergen, and NTNU only.

How to enable ID-porten login

If your users are people outside of education, i.e. parents or alumni, and you still want a high security level on your logins, you should enable ID-porten login:

To enable ID-porten, the following criteria have to be met:

  • The service has to be registered by an organization (not a private person).
  • The organization has to apply for ID-porten login by sending an email to support@feide.no. Be sure to put “ID-porten login through Dataporten” in the subject.
  • Only enterprises in public sector and enterprises carrying out tasks on behalf of, and wholly or partly funded by, the public can use ID-porten. More information about ID-porten´s terms of use (Norwegian only).

Login providers screenshot enabling ID-porten

How to enable international login through eduGAIN

Support for eduGAIN in Dataporten is available for pilot users from spring 2017. Ask us for more information by sending an email (support@feide.no).

If your users are international students, researchers, teachers or other employees, you should enable eduGAIN login.

eduGAIN is an international trust exchange between Identity federations mostly in Europe, but also US, Brazil, Japan and more. It allows users abroad to login to Dataporten services with their local accounts, with trusted identity information through eduGAIN.

The global scope of eduGAIN adds some complexity when it comes to technical compatibilty, semantics of attribute release and more. Dataporten tries to offload these challenges from applications and adopt a flexibly attribute policy that works with many providers.

If would have users from foreign univerities that are connected to eduGAIN, you may help us test, verify and configure these users to properly connect through eduGAIN. Contact us support@feide.no to get more information.

To enable eduGAIN login on Dataporten, you MUST follow these eduGAIN polciies:

Login through social media

Not all services need to know exactly who the user is and be 100% certain about the user’s identity. These services only need to recognize the user every time he or she logs in to build some kind of user profile for the user.

For these services, login through social media can be a good way to authenticate users. Dataporten offers login through Facebook, LinkedIn and Twitter.

If you enable one or more of these, your users will log in to your service by his/her Twitter, Facebook or LinkedIn account. The user ID received by the service, will be the user ID from Twitter, Facebook or LinkedIn.

You can enable login through all social media:

Login providers screenshot enabling social media login

The user can now log in by his/her favourite social media account.

Enable Twitter login

Login providers screenshot enabling Twitter

Enable Facebook login

Login providers screenshot enabling Facebook

Enable LinkedIn login

Login providers screenshot enabling LinkedIn

How to enable login for Feide guest users

For users that don’t have a Feide account, you can enable login through the “Feide guest users” solution, also known as OpenIdP.

The “Feide guest users” solution is managed by UNINETT, and is in the process of being phased out. Notice however that the solution will be replaced and users will be alerted before it is removed.

How to enable Feide test users

During the development and test phase, you can enable login for Feide test users:

Login providers screenshot enabling Feide test users

Be sure to disable Feide test users before you move your service to a production environment.