Configuration Tool for IdP
eduroam CAT (Configuration Assistant Tool)
eduroam CAT is tooling provided by GÉANT (Gigabit European Academic Network) to improve the security and ease of enrolment. If you're using username/password credentials, it is the recommended approach for enrolling devices, as it generates an organisation- and platform-specific profile to install. It improves the process in three ways:
Security: Because it pins the IdP certificate CA (Certification Authority) and CN (Common Name) in the device supplicant configuration, it prevents most MITM (man-in-the-middle) credential-stealing attacks.
Ease: The profile error-checks the realm entered by the user, catching the most common forms of typos, e.g. jane@example.ac.zn.
Privacy: Where possible, the profile can set the outer identity to anonymous@example.ac.nz, reducing PII (Personally Identifiable Information) leakage.
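The three protections above can be checked on an already-configured device. The following is an added example, not part of the original page and not output of CAT: a Python audit of a wpa_supplicant network block. The choice of wpa_supplicant, the server name radius.example.ac.nz and the CA file path are assumptions for illustration, and both sample blocks are constructed.

```python
import re

# Constructed sample network blocks (placeholder realm, server name, CA path;
# credentials omitted).
WEAK = '''
network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jane@example.ac.zn"
    phase2="auth=MSCHAPV2"
}
'''
PINNED = '''
network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="jane@example.ac.nz"
    anonymous_identity="anonymous@example.ac.nz"
    ca_cert="/etc/ssl/certs/example-idp-ca.pem"
    domain_match="radius.example.ac.nz"
    phase2="auth=MSCHAPV2"
}
'''

def parse_block(text):
    """Return the key=value settings of a network block, quotes stripped."""
    pairs = re.findall(r'^[ \t]*(\w+)=(.*?)[ \t]*$', text, re.MULTILINE)
    return {k: v.strip('"') for k, v in pairs}

def audit(text, realm):
    """List which of the three protections (pinning, realm, privacy) are missing."""
    cfg, findings = parse_block(text), []
    if not cfg.get("ca_cert"):
        findings.append("no CA pinned: any server certificate is accepted")
    if not (cfg.get("domain_match") or cfg.get("domain_suffix_match")):
        findings.append("no server name pinned: any certificate from the CA is accepted")
    user, _, user_realm = cfg.get("identity", "").rpartition("@")
    if user_realm.lower() != realm.lower():
        findings.append(f"realm {user_realm!r} does not match {realm!r}")
    outer = cfg.get("anonymous_identity", "")
    if not outer or outer.split("@")[0] == user:
        findings.append("outer identity exposes the real username")
    return findings

if __name__ == "__main__":
    for name, block in (("weak", WEAK), ("pinned", PINNED)):
        print(name, audit(block, "example.ac.nz") or "ok")
```

The hand-typed block fails all four checks, including the mistyped realm; the pinned block passes.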
If your process already uses SCEP (Simple Certificate Enrolment Protocol) / MDM (Mobile Device Management) deployed credentials, you probably don't need CAT. But for any other configuration, CAT is our recommendation.
In addition, eduroam CAT is the portal to use to request GÉANT TLS (Transport Layer Security) certificates if you're planning to implement RadSec.