ACCESS InCommon Identity Provider
The ACCESS InCommon Identity Provider (IdP) at idp.access-ci.org allows ACCESS users to sign in to web sites that are part of the InCommon Federation (including ACCESS web sites) using their ACCESS accounts. This capability is especially useful for users who do not have an existing InCommon IdP provided by their home institution.
When signing in to a service that supports InCommon IdPs, first try using your home institution’s IdP. If that option isn’t available, choose ACCESS from the list of IdPs to sign in with your ACCESS account. Your web browser will be redirected to idp.access-ci.org to complete the sign-in operation. The ACCESS IdP will prompt for Duo authentication. If you are not enrolled with Duo, you will be prompted to set up Duo. As always, you should only enter your ACCESS password on xsede.org sites.
The ACCESS IdP implements optional single sign-on (SSO), meaning that if you have already authenticated at idp.access-ci.org recently, you will not be prompted again for your password. To disable SSO for idp.access-ci.org, check the “Don’t Remember Login” checkbox so that you will be prompted to sign in next time. If you did not check the “Don’t Remember Login” checkbox and would like to be prompted to sign in to idp.access-ci.org, you can do so by clearing your browser cookies for idp.access-ci.org.
The ACCESS IdP conforms to the standards set by the REFEDS Research and Scholarship and REFEDS Security Incident Response Trust Framework for Federated Identity for global interoperability.
The ACCESS IdP releases the following Research & Scholarship (R&S) attributes to all Service Providers (SPs):
- eduPersonPrincipalName (ePPN)
- eduPersonTargetedID (ePTID)
- sn (surName)
See InCommon Federation Attribute Overview for more information.
This site is maintained by CILogon for ACCESS.
This material is based upon work supported by the National Science Foundation under Grant No. 2138307. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
Google Tag Manager
We may collect information such as how the Service is used, and how and what tags are deployed. We may use this data to improve, maintain, protect and develop the Portal, but we will not share this data without your consent.
In order to monitor and provide diagnostics about system stability, performance, and installation quality, Google Tag Manager may collect some aggregated data about tag firing. This data does not include user IP addresses or any measurement identifiers associated with a particular individual. Other than data in standard HTTP request logs, all of which is deleted within 14 days of being received, and diagnostics data noted above, Google Tag Manager does not collect, retain, or share any information about visitors to our customers’ properties, including page URLs visited. Learn more about our use of Google Tag Manager data in Google's terms of service for details.
What is reCAPTCHA?
Why do we use reCAPTCHA on our website?
We only want to welcome people from flesh and bones on our side and want bots or spam software of all kinds to stay away. Therefore, we are doing everything we can to stay protected and to offer you the highest possible user friendliness. For this reason, we use Google reCAPTCHA from Google. Thus, we can be pretty sure that we will remain a “bot-free” website. Using reCAPTCHA, data is transmitted to Google to determine whether you genuinely are human. reCAPTCHA thus ensures our website’s and subsequently your security. Without reCAPTCHA it could e.g. happen that a bot would register as many email addresses as possible when registering, in order to subsequently “spam” forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
What data is stored by reCAPTCHA?
reCAPTCHA collects personal user data to determine whether the actions on our website are made by people. Thus, IP addresses and other data Google needs for its reCAPTCHA service, may be sent to Google. Within member states of the European Economic Area, IP addresses are almost always compressed before the data makes its way to a server in the USA.
Moreover, your IP address will not be combined with any other of Google’s data, unless you are logged into your Google account while using reCAPTCHA. Firstly, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in your browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of your browser window.
The following list of collected browser and user data is not exhaustive. Rather, it provides examples of data, which to our knowledge, is processed by Google.
- Referrer URL (the address of the page the visitor has come from)
- IP-address (z.B. 2188.8.131.52)
- Information on the operating system (the software that enables the operation of your computers. Popular operating systems are Windows, Mac OS X or Linux)
- Cookies (small text files that save data in your browser)
- Mouse and keyboard behaviour (every action you take with your mouse or keyboard is stored)
- Date and language settings (the language and date you have set on your PC is saved)
- Screen resolution (shows how many pixels the image display consists of)
Google may use and analyse this data even before you click on the “I am not a robot” checkmark. In the Invisible reCAPTCHA version, there is no need to even tick at all, as the entire recognition process runs in the background. Moreover, Google have not given details on what information and how much data they retain.
How long and where are the data stored?
Due to the integration of reCAPTCHA, your data will be transferred to the Google server. Google have not disclosed where exactly this data is stored, despite repeated inquiries. But even without confirmation from Google, it can be assumed that data such as mouse interaction, length of stay on a website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google does generally not get merged with other Google data from the company’s other services.
How can I delete my data or prevent data storage?
If you want to prevent any data about you and your behaviour to be transmitted to Google, you must fully log out of Google and delete all Google cookies before visiting our website or use the reCAPTCHA software. Generally, the data is automatically sent to Google as soon as you visit our website. To delete this data, you must contact Google Support at https://support.google.com/?hl=en-GB&tid=111401120.
If you use our website, you agree that Google LLC and its representatives automatically collect, edit and use data.