In order for EVERFI to manger your service provider through InCommon, we require that your identity provider system meet the following two requirements. Based on EVERFI’s interpretation of Signing and Encryption Keys in InCommon Federation, we believe that any identity provider that is in the InCommon Federation meets these requirements. We need you to confirm that your system satisfies these two requirement in order for EVERFI to successfully perform routine certificate rotations within InCommon.
Identity Provider Requirements
EVERFI assumes the following about your identity provider setup:
- Your identity provider supports multiple signing certificates for a service provider like EVERFI’s Foundry.
- Your identity provider automatically updates the Foundry service provider in response to updates to the associated InCommon registry, or you have a process in place to manually apply such updates.