EGI SSO usage

EGI SSO is a legacy central Identity Provider mainly intended to access the EGI Collaboration Tools.

For most services people should look into using federated authentication via EGI Check-in. Still, for some services not yet integrated with Check-in, an EGI SSO account should be used, in that case you can create an EGI SSO account.


  • Central Identity Provider allowing to access EGI Collaboration Tools
  • Group management
  • Synchronisation of groups with other EGI Collaboration Tools
  • Linking of X.509 certificate Distinguished Name (DN) to authenticate using a client certificate

Linking an X.509 certificate to an EGI SSO account

  1. Open the EGI SSO user management page
  2. Select your new certificate to authenticate with it
  3. Complete the login process using your username and password
  4. Once logged, your new DN will be linked to your user account

Updating the DN of a certificate linked to a given EGI SSO account

On purpose a user cannot manually edit a certificate DN

You usually just need to link your new DN to your EGI SSO account, as documented above.

You may have to do this by in a private browser session to ensure that your previous certificate is used.

Once you have done this, you can request us to remove the former DN by opening an Helpdesk ticket to the Collaboration Tools Support Unit.

Legacy DNs shouldn’t prevent you accessing any service with a newer certificate, as long as its DN is linked to your account.