📄️ GRNET eID Proxy
The GRNET eID Proxy service is a deployment of the Service Provider plugin presented in Chapter 3. As described in the previous Section, the proxy service will be used to enable authenticated access to the AcademicID service through the eIDAS network. There are three instances of the GRNET eID Proxy:
📄️ High-level architecture
Figure 1 provides a high-level view of the GRNET eID Proxy service architecture illustrating the interconnections with IdPs and SPs. The Proxy acts as an SP towards the external IdPs and, at the same time, as an IdP towards the SPs (e.g. AcademicID Service). Through the proxy, users are able to authenticate with their eIDAS credentials. To achieve this, the proxy supports the translation between different authentication protocols, such as SAML (eIDAS and SAML2int profile), OpenID Connect and OAuth 2.0. The proxy also provides a country selector for users to select their country of origin eIDAS node (Home eIDAS Node).