...
- User Base: Who are your users? Are they affiliated with institutions in eduGAIN, external (e.g. guest, citizen science), or a mix?
- Access Requirements: Does the sensitivity of your research require additional access approval mechanisms? Do you need fine-grained access control, or is basic authentication sufficient?
- Scale: How many services do you plan to connect to your AAI? Which protocols do they require? What is a realistic estimate of effort required to migrate all users and services from one AAI to another in case of a crisis?
- Existing Infrastructure: Do you have an identity provider (IdP) or group management service already?
- Sustainability: Can you commit operational resources, or do you need a hosted service? For how long will your AAI be required? Debugging connections issues can be time consuming and require more effort as the number of participating institutes grows.
- Environment specific requirements: Do you need any physical connectivity to dedicated networks? Are IT interventions restricted to fixed time windows?
- Governance: Who will take responsibility for policy decisions regarding your AAI? You will require a body with enough authority over your research community to make high level statements and decisions, e.g. for data protection, security policy requirement etc.
...