Basic checks

Some basic questions you might want to think about before contacting us (please do contact us, we will help (wink)):

In case you're not sure about these questions, please contact the SRAM-team, for instance .

Followed technical standards

SRAM uses the following standards:

We plan to use the following standards:

Technical and Policy part

Connecting a service to SRAM has a technical as well as policy aspect:

  1. Policy. 
    1. We think research collaborations should decide what services they want to use. Therefor SRAM connects all research services that are or seem to be in demand. We do advise research collaborations to check out the AARC Policy Development Kit (MOOC), which provides templates of all kinds of policies like Acceptable Use Policy. The AARC Policy Development Kit points out research collaborations should check whether
      1. services comply to the GÉANT Data Protection Code of Conduct ("CoCo"), with the intend to comply with v2 GDPR version of the Code of Conduct
      2. services comply to the Research and Scholarship Entity Category
      3. services comply with and use Sirtfi
      4. services comply to the REFEDS Assurance Framework
    2. SRAM will check for certain things:
      1. the service to use a SSL certificate to secure the connection: as a rule of thumb, it should have at least a "B" rating on (but preferably better, of course). If you would like to test your server for configuration issues, you can use the Qualys SSL labs server test at: 
  2. Technical: what is needed on the technical side depends on your situation. We have documented some common situations and relevant information in the child-pages of this page:

After the above technical connection has been taken care of, a CO can request access to a service in SRAM.

Some points of attention

See below in the underlying pages for specific cases, like for example with OIDC, you need to specifically request attributes.


When you can't find what you're looking for, please let us know via .

Underlying pages