Evolving INDIGO IAM towards the next challenges

Federica Agostini; Luca Bassi; Donald Chung; Ivan De Simone; Manoj Garai; Jacopo Gasparetto; Francesco Giacomini; Davide Marcato; Roberta Miccoli; Saiteja Vennapusa; Enrico Vianello; Stefano E. Zotti

doi:10.1051/epjconf/202533701251

All issues

Volume 337 (2025)

EPJ Web Conf., 337 (2025) 01251

Abstract

Open Access

Issue		EPJ Web Conf. Volume 337, 2025 27^th International Conference on Computing in High Energy and Nuclear Physics (CHEP 2024)


Article Number		01251
Number of page(s)		8
DOI		https://doi.org/10.1051/epjconf/202533701251
Published online		07 October 2025

EPJ Web of Conferences 337, 01251 (2025)
https://doi.org/10.1051/epjconf/202533701251

Evolving INDIGO IAM towards the next challenges

Federica Agostini¹, Luca Bassi¹^,2, Donald Chung⁴, Ivan De Simone³, Manoj Garai⁴, Jacopo Gasparetto¹, Francesco Giacomini¹, Davide Marcato⁵, Roberta Miccoli¹, Saiteja Vennapusa⁴, Enrico Vianello¹ and Stefano E. Zotti¹

¹ INFN-CNAF, Bologna, Italy
² GARR, Roma, Italy
³ Università degli Studi di Bologna, Bologna, Italy
⁴ Science and Technology Facilities Council (UKRI-STFC), United Kingdom
⁵ INFN-LNL, Legnaro, Italy

Published online: 7 October 2025

Abstract

INDIGO IAM (Identity and Access Management) is a comprehensive service that enables organizations to manage and control access to their resources and systems efficiently, by implementing a standard OAuth Authorization Service and OpenID Connect Provider. It has been chosen as the AAI solution by the WLCG community for the transition from VOMS proxy-based authorization to JSON web tokens.

This contribution describes the recent updates introduced by the latest IAM releases and the current roadmap for its evolution. In the near future, a primary focus is on avoiding to store access tokens in the database, to enhance the performance of both token issuance and token deletion. Another important milestone is the integration of a Multi-Factor Authentication mechanism. Additionally, substantial effort will be dedicated to migrating from outdated frameworks, such as MITREid Connect and AngularJS, to more stable and robust solutions based on Spring Security and React, respectively. As a consequence, a new dashboard is also being developed, aligned with the latest advances in the User Interface design.

This contribution highlights the progress made in the development roadmap described above, not forgetting the general auditing and performance improvements introduced with the latest releases or planned, such as the use of Open Policy Agent to re-implement the internal mechanism of the Scope Policy API.

© The Authors, published by EDP Sciences, 2025

This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.

Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.

Initial download of the metrics may take a while.

Homepage

Table of Contents

Previous article Next article

Article contents

Database links

NASA ADS Abstract Service

Metrics

Show article metrics

Services

Same authors
- Google Scholar
- EDP Sciences database

Recommend this article
Download citation