Membership in NIEF is open to U.S. law enforcement and criminal justice agencies, as well as other agencies and companies that provide services to them or need to interact and share data with them. There are multiple NIEF membership roles, and agencies may join NIEF in one or more roles, based on their needs. Each membership role is described below. To join NIEF in a membership role, an agency must first submit a completed Request-to-Join form for that role. Agencies wishing to join NIEF in multiple membership roles must submit a Request-to-Join form to the NIEF Federation Manager for each applicable role.
Service Provider Organization
A Service Provider Organization (SPO) is a NIEF member organization that provides one or more electronic information services or resources to other NIEF member organizations and their users. Service Provider Organizations provide services to the federation via trusted Service Provider (SP) software endpoints. When offering information services and resources to users, an SP typically employs federated identity technology (e.g., SAML) and relies on a trusted set of attributes about the user to make access control decisions and compile audit logs. An SPO can also provide services to other NIEF member organizations on a “system-to-system” basis, in which no users are involved.
Identity Provider Organization
An Identity Provider Organization (IDPO) is a NIEF member organization that vets users, issues digital credentials to them, collects attributes about them, and maintains those attributes in an accurate and timely manner. An IDPO operates one or more Identity Provider (IDP) software service endpoints, which perform user authentication for the IDPO’s users and issue trusted assertions containing attribute data about the users. These assertions can be consumed by SPs in NIEF and used for access control and audit logging.
Attribute Provider Organization
An Attribute Provider Organization (APO) is a NIEF member organization that acts as an authoritative source for one or more supplementary attributes about users. An APO operates one or more Attribute Provider (AP) software service endpoints, through which IDPOs and SPOs can perform queries for supplementary data about users. An SPO typically performs such a query to an AP so that it can gather the necessary data for access control decision-making or audit logging, and an IDPO typically queries an AP for attributes so that it can bundle the data into an assertion about the user, and send it to an SP, where it is used for access control and audit purposes.
Service Consumer Organization
A Service Consumer Organization (SCO) is a NIEF member organization that seeks to use (“consume”) data from one or more information services offered by SPOs in NIEF. An SCO operates one or more Service Consumer (SC) software service endpoints, which perform “system-to-system” interactions involving no users. An SC is essentially a software application acting on behalf of the organization that deployed it – the SCO – and gathering the necessary data to meet its business objectives.
Request-to-Join forms are available for download here.
- IDPO Request-to-Join Form
- SPO Request-to-Join Form
- APO Request-to-Join Form
- SCO Request-to-Join Form
Please submit completed Request-to-Join forms to the NIEF Federation Manager via the information on the Contact Info page. Upon receiving your agency’s completed Request-to-Join form(s), the NIEF Federation Manager will review the request and determine whether to invite your agency to submit a formal application for membership. For more information about the formal application process for each role, please see the NIEF Operational Policies and Procedures document. Also, please see the NIEF Application Forms page for downloadable application forms and templates.