MSDNAA is the Microsoft Developer Network Academic Alliance - an online webstore offering discounted Microsoft products to students and teachers. The service is operated by e-academy.com. This service is only available in SWAMID 2.0 metadata.
Since e-academy declares safe-harbor it can be treated as any EU-based company. However SWAMID operations recommends that eptid be used instead of eppn's as identifiers for users. The minimum attribute release is only eptid but email and displayName helps to make the site more user-friendly. Some features may require the release of organizational information.
Read the official Shibboleth MSDNAA implementation guide for details on how to turn on SAML ("Shibboleth") authentication for your MSDNAA/ELMS webstore. In order to do this you first have to have a webstore of course - contact your Microsoft representative. This document also contains a full list of supported attributes. Note that some of those attributes are in fact optional.
MSDNAA kräver att IdPn konsumerar metadata för SWAMID 2.0. Läs mer här: Konfigurera metadata för att använda SWAMID samt Choosing the right SAML metadata URL.
Special conciderations when MSDNAA license is not covering the whole HEI
If your university or university college doesn't have a MSDNAA license covering the whole organization but only part of it you have to need to make some special arrangments to make this work.
- For all users that is eligible to use DreamSpark Premium you must an ou attribute (urn:oid:22.214.171.124) from your IdP release to ELMS Webshop with a special value, for example DreamSparkEligible.
- You must configure External Organization Code in the webshop Organization form to the value you ou attribute you release, in this case DreamSparkEligible.
- Activate Restrict Eligibilty Scope in the form form Shibboleth Verification.