The purpose of authentication and authorisation infrastructure (AAI) in EOSC is to support the FAIR principles for data and services while enabling high-trust collaborations to be established and maintained with little or no friction to the end user. As federated AAI provides trusted identity information and allows scalable management of roles and rights, it is a key concern for the security and trust of any collaboration. AAI for escience is developed not in a vacuum but in the context of a global marketplace of AAI products and services which typically focuses on the consumer-business relationship. The goal of the EOSC AAI is to build a foundation for e-science AAI which will ensure longterm availability of the aspects of digital identity that are unique to scientific collaborations and which are often hard or even impossible to achieve using the tools and design patterns used to provide enterprise or consumer identity.