NIEF TIP for SPO with SAML SSO, v1.0

Specifies the standard NIEF requirements that a NIEF SAML Service Provider Organization (SPO) must meet for membership.
Publication Date: 2018-07-31
Issuing Organization:
No Responder 404-407-8956 75 5th Street NW, Suite 900, Atlanta, GA 30308
Keywords: NIEF, National Identity Exchange Federation, SAML, Security Assertion Markup Language, SPO, Service Provider Organization,
Legal Notice: This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Trust Expression:

TIP_NIEFMinimumInteroperabilityTIPforSAMLSP and TIP_NIEFCertificatePolicyCryptographicManagement and TD_NIEFMemberOrganization and TD_NIEFSPO and TD_NIEFFullDisclosureSPO and TD_PrivacyAppropriateAttributeRequestandUsage and TD_BonaFidesforUSOrganizations

References (7)

Specifies minimum SAML and NIEF technical interoperability requirements for SAML Service Providers (SPs). Does not include administrative requirements.
This Trust Interoperability Profile specifies the requirements needed to meet the NIEF Certificate Policy
This Trustmark Definition defines a Trustmark that verifies an organization has signed a NIEF membership agreement.
This Trustmark Definition defines a Trustmark that verifies an organization has signed a NIEF SPO agreement.
NIEF full disclosure requirements for SPOs.
Privacy requirements for request and usage of attributes about end-users.
This trustmark pertains to organizations' legitimacy and reputation and is applicable only to U.S. government agencies and U.S.-based non-government organizations. For a government agency, which includes State, Tribal, and lower level organizations, the Trustmark Provider must verify that the organization was created via an appropriate government authority. For a non-government organization, the Trustmark Provider must verify the organization's incorporation status with the appropriate Secretary of State. In both cases, the Trustmark Provider must verify the organization's contact information and must check the U.S. Department of Commerce's Denied Persons List for appearances of any officer or any known entity associated with the organization.
Also available as XML or JSON