The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.
The Shibboleth software implements widely used federated identity standards, principally OASIS' Security Assertion Markup Language (SAML), to provide a federated single sign-on and attribute exchange framework. Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the attributes released to each application. Using Shibboleth-enabled access simplifies management of identity and permissions for organizations supporting users and applications. Shibboleth is developed in an open and participatory environment, is freely available, and is released under the Apache Software License.
A user authenticates with his or her organizational credentials. The organization (or identity provider) passes the minimal identity information necessary to the service manager to enable an authorization decision. For more information about the Shibboleth products, please visit the products page.
The Shibboleth project began as an Internet2 Middleware activity in 2000. Later that year the project connected with the work of the OASIS SAML Working Group, participating in SAML from its initiation. Shibboleth 1.0 was released in 2003, and was quickly adopted by the worldwide Higher Education/Research community. With SAML 2.0 in 2005 and Shibboleth 2.0 the following year, the SAML standards grew to include all the multi-lateral, metadata driven approaches pioneered by Shibboleth.
Shibboleth® is a registered trademark of Internet2®.