Page tree
Skip to end of metadata
Go to start of metadata

This page contains information on the SURF Research Access Management (SRAM) service, but focused on research collaborations. Generic information about SRAM can be found at SRAM documentation.


  • any questions? Contact the SRAM-team at
  • any Dutch institution can sign up for the SRAM service
  • a subscribed institution can configure who from the institution can create a new Collaborative Organization (CO)
  • people within the CO get assigned the administrator role
  • CO-admins connect their CO to any of the available services
  • CO-admins invite other researchers to join their CO
  • SRAM will automatically take care of account creation on any service connected to a CO
  • under the right circumstances (all required services technically connected), your research team can start doing their research and access services they need, within an hour

Using SRAM for your research collaboration

Who can create a CO in SRAM?

Only research collaborations for which a Dutch institution takes responsibility can create a CO on the SRAM service. Wondering whether you can use SRAM or who to contact? Email us!

Every Dutch institution which is member of SURF can sign up for the SRAM service. After that, the institution can configure who from the institution can create a new CO in SRAM: some institutions allow anyone to create a new CO, some limit that functionality, for instance to the research support team of the institution.

What services can we use?

Before you can use a research resource, both a 'technical' connection between SRAM and a service is necessary, as well as a 'logical' connection between the SRAM CO and the service:

  • a technical connection means we have been in contact with the manager of the service, and 'bits can flow' from SRAM to the service (and back).
  • once this is taken care of, any CO can select a service in SRAM and request a 'logical' connection. Once approved (depending on configuration, this can be immediately), accounts for members of the CO will be created and managed automatically in the service.

New services connect to SRAM all the time. If you can't seem to select the service or platform you need for your research, please let us know and we will be in contact right away: we love adding new services, and take pride in doing so as fast as possible (while keeping eye on quality and security, of course (wink)).

What does SRAM do and check, what do we need to do ourselves?

During service development, we had discussions about whether SRAM should 'demand' certain things from research services before they are allowed to connect, and if so, to what. But who are we to decide what a research collaboration deems o.k.? So for now we decided to limit the 'demands', but stick to 'advise'.

We do advise CO's to check out the AARC Policy Development Kit (MOOC), which provides templates of all kinds of policies.

The AARC Policy Development Kit also references aspects a CO could check to decide whether or not to use a service. Like whether the service complies:

  1. to the Research and Scholarship Entity Category (R&S)
  2. to the GÉANT Data Protection Code of Conduct ("CoCo"), with the intend to comply with v2 GDPR version of the Code of Conduct
  3. with and use Sirtfi
  4. to the REFEDS Assurance Framework

SRAM does check for certain things:

  1. whether the service uses secure communications. For instance, when a SSL certificate is used, as a rule of thumb, it should have at least a "B" rating on (but preferably better, of course). If you would like to test your server for configuration issues, you can use the Qualys SSL labs server test at: 

O.k., what's next?

  • If a CO is created for your collaboration, a CO-admin should also be assigned and part of your CO. Read on at SRAM for CO-admins about what a CO-admin can do.
  • Maybe your institution allows you to create your CO.


Any questions? Contact the SRAM-team at .

  • No labels