How to use WAYF

Logging in with WAYF

  1. Go to the website of the information service you would like to use.
  2. When logging in using the WAYF button, you get referred to WAYF, where you will be asked to state from which institution you come.
  3. If you are not logged in at your institution, you will be taken to its login page.
  4. Once you are logged in, WAYF shows you which information will be passed on to the service provider. Simply click the Continue button to get to the service. You can click another button to tell WAYF not to re-display this information page if you log into the same service again later on.
  5. If the information service accepts your information, you will be granted access to the service. It is always up to the service to decide who to let in.

What is WAYF?

WAYF connects institutions with external services used by the institutions' users.

Which information does WAYF pass on to the services?

WAYF confines the information with regard to what service providers need to be able to decide whether access should be granted to you. If e.g. the provider only needs to know whether you are coming from a specific institution, WAYF will not pass on information about your name or social security number. You will always be asked consent to the transfer, no matter which information is in question.

Which information about me does WAYF keep?

WAYF keeps information about which information pages you have asked us not to re-display. The information is saved as a so-called cryptographic hash value established on the basis of your user information. It is not possible to determine which user has asked WAYF not to re-display.

How does WAYF work?

WAYF communicates with two kinds of organisations: Service providers and institutions. The service providers (e.g. a research library or a scientific database) make a service available. The institutions put information about the users at disposal. WAYF takes care of the necessary technical translations for the communication between the two kinds of organisations. In order for a user to be able to access the service, information about the user must be transferred to the service. This information is provided by the user's home institution — not by the user himself — which is why service providers choose to trust the data about the user. The user is always shown what information about him is to be handed over to the service. It is always up to the service to decide whether a user should be let in or not (authorisation).