SIFULAN Connect

Enterprise SSO

SIFULAN Connect is a SaaS solution from SIFULAN designed to make it easy for research and education institutions to connect to the SIFULAN Federation. This Identity-as-a-Service (IDaaS) offering provides a fully managed IdP service, allowing institutions to integrate their existing Identity Management System (IDMS) seamlessly with the federation and eduGAIN. SIFULAN Connect enhances existing IDMS setups by offering value-added functionalities, especially for systems that do not natively support multilateral federations, ensuring secure, reliable, and simplified access to global research and educational resources.

SIFULAN Connect works optimally with cloud-based IDMS platforms such as Microsoft Entra ID and Google Workspace. Nevertheless, any IDMS that supports the SAML Protocol or OpenID Connect can integrate with SIFULAN Connect.

The SIFULAN Connect service is included with SIFULAN Federation membership. Please visit this page to check your organisation’s eligibility to subscribe to the SIFULAN Federation.

Modes

SIFULAN Connect offers two options, hosted mode and proxy mode.

Hosted Mode

  • An all-in-one WebSSO solution featuring directory services, user management, a self-service portal for password resets, SAML Identity Provider (IdP), OpenID Connect Provider (OIDC OP), and usage statistics.

  • It is fully integrated with the SIFULAN Federation and eduGAIN.

Proxy Mode

  • SIFULAN Connect serves as the frontend for the Identity Federation (i.e., SIFULAN Federation and eduGAIN).

  • It supports various WebSSO solutions—including Microsoft Entra ID, Google Workspace, ADFS, CAS, and NetIQ—as backend user authentication systems.

  • Provides full Single Sign-On (SSO) functionality and usage statistics.

SIFULAN Connect Case Study: International Medical University (IMU)

International Medical University (IMU) is a reputable international private university in Malaysia and has been a member of the SIFULAN Federation since 2019. Previously, IMU hosted and managed its Shibboleth IdP on-premises, linking it to their Active Directory (AD) as the user database. In early 2021, IMU migrated its AD to Microsoft Entra ID and adopted it as the primary WebSSO solution.

As part of this migration, IMU sought to extend Microsoft Entra ID’s capabilities by integrating it with the Identity Federation while maintaining a seamless SSO experience. To realize this vision, IMU moved its on-premises Shibboleth IdP to SIFULAN Connect, utilizing Microsoft Entra ID for backend authentication. Users now authenticate just once via Microsoft Entra ID to gain full SSO access.

SIFULAN Connect is also integrated with SIFULAN Stats, capturing each authentication event. This data supports IMU’s Personalised Education project, enabling more tailored educational experiences. Additionally, because Microsoft Entra ID includes built-in Multi-Factor Authentication (MFA), users can access resources (such as NIH services) requiring MFA, further enhancing security beyond basic user-password authentication.