- 1 Identities in Perun
- 2 Identity Consolidator
- 3 User profile
Identities in Perun
Internal identity is the user identity that was created in the Perun system (account in Perun).
This account contains a full name and ID and others.
An external identity is the user identity that was created in another system.
An external identity is a part of internal identity.
It can be university identity (Ca 'Foscari University of Venice, Masaryk University, Medical University of Vienna, Nicolaus Copernicus University in Torun),
an identity of the organization (BBMRI-ERIC, CESNET, de.NBI, EGI, Elixir),
or social identity (Facebook, Google, LinkedIn).
One user profile may contain more external identities and the user can log in to Perun by any of them.
Another option how the user can get into Perun is to import identity by synchronization (for example from a SQL database or LDAP).
External identities work with a Level of Assurance (LoA).
Schema showing how the user can get into the Perun by external identities and how they related to internal identity.
The Identity Consolidator serves to connect more identities under one user account.
The main advantage of identity consolidation is access to user's data by any registered external identity.
How user can get to Identity consolidator
The link for identity consolidation can be offered by the system itself or is sent by the VO manager to the user.
Manual for VO manager for building a link to Identity Consolidator is here.
Identity consolidation procedure
1a) The system may automatically offer you the possibility of connecting another external identity to your account. Open link in the anonymous mode in your browser.
1b) Open the email you received from VO manager and open the Identity Consolidator link in the anonymous mode in your browser.
2) Perun will ask you to log in with an external identity which you have connected with your account. You will see a list of identities you can log in.
- This step is limited in time (time is counted in the background). You have 5 minutes to connect identity to an existing account or then the authorization token ends and you need to log in again (reload the page). The time limit is set for security reasons.
3) At the end of the procedure, you may add another external identity.
Now you may log in to Perun system with new external identity.
Will ensure that you don't log in with an unwanted identity when you verify your identity.
Chrome/Chromium and Opera
Ctrl + Shift + N
Explorer/Edge and Firefox
Ctrl + Shift + P
In a profile, the user can manage his data, such as a mail, preferred language, change/reset the password, manage SSH keys, report new publication.
User profile (CESNET instance):
WARNING: Only for users at the CESNET instance. For using links, it is necessary to be logged in Perun.
The user can modify or view his data on a user profile at the address:
In profile, the user may see or edit external identities that are assigned to his account (in tab My identities).
Also, the user may use new mini-application:
This user profile provides an overview of external identities.
User profile (MUNI instance):
WARNING: Only for users at the MUNI instance. For using links, it is necessary to be logged in Perun.
The user can modify or view his data on a user profile:
Log in via Federation
Log in via Kerberos
In the left menu, click on Select identity and select the internal identity you want to manage.
This user profile doesn't contain an overview of external identities.