RAFIKI: The First Kenya Identity Federation
Identity and Access Management (IAM) remains a significant challenge within the Research and Education (R&E) community in Africa greatly hindering collaboration within the region. The idea of having a Kenyan Identity dederation was originated in 2016 to help solve this problem. The aim was to provide easy access and facilitate Single Sign-On (SSO) for KENET and its member institutions to research materials and services globally.
This would enable staff and researchers in the KENET community to access education and research services globally using their "home institution"credentials (a single set of username & password) without having to create yet another account. This marked the inception of RAFIKI - the Kenya Identity Federation for Research and Education began.
RAFIKI draws its membership from the KENET community. Currently, the federation has one (1) active Identity provider (https://rafiki.ke/list_of_idps) and two (2) Service providers (https://rafiki.ke/list_of_sps). KENET is making deliberate efforts to grow RAFIKI’s membership by continuously making targeted communication to the community. So far, five (5) institutions have expressed interest in joining the Federation as Identity providers. Additionally, KENET will be federating more services like Utafiti – a data visualization and benchmarking service, an event management service, and a web conferencing solution which will potentially attract more members.
KENET has set up a managed Identity Provider (IdP) to cater for “small” institutions within the community that have no existing form of authentication, have neither the server resources nor the technical expertise required to setup such identity databases On this managed IdP, users can self-enrol, reset their password when need arises, and idle user accounts are automatically deleted to ensure that a clear database of users is maintained. However, institutions are encouraged to setup their own user databases and the KENET team can provide technical guidance in the process.
RAFIKI initiated the process of joining eduGain to enable global access to thousands of educational and research resources for the Kenyan Research and Education community. eduGain provides an efficient way for participating federations, users, and services to interconnect. The joining process was elaborate and required compliance with all the requirements set out on the eduGain website (https://technical.edugain.org/joining_checklist). Under the guidance of Casper and Tomasz of eduGain, RAFIKI complied with all the eduGain joining requirements and was voted in as a member on 20th September 2022. This ensures that RAFIKI members are will not be limited by geographical borders in as far as access to resources is concerned.
Looking to the future
In addition to maintaining RAFIKI's infrastructure, KENET intends to play an active role in the community by continuously creating awareness and training other Research and Education Networks in the region to increase adoption and collaboration. On behalf of RAFIKI, KENET would like to thank UbuntuNet Alliance, especially Alex Motil, and the eduGAIN team of Mario Reale, Casper Dreef and Tomasz Wolniewicz for their training and support throughout this journey which helped to further support research.