...

REFEDS Research and Scholarship

entity-category URI

http://refeds.org/category/research-and-scholarship

eduGAIN enabled: Yes

Definition

Candidates for the Research and Scholarship (R&S) Category are Service Providers that are operated for the purpose of supporting research and scholarship interaction, collaboration or management, at least in part. For more information please see REFEDS Entity Category Research and Scholarship.

...

Expected attribute release from an Identity Provider

| Attribute(s) | SAML2 Attribute Identifier | Comment |
|---|---|---|
| eduPersonTargetedID | urn:oid:1.3.6.1.4.1.5923.1.1.1.10 | Should only be released by the Identity Provider if eduPersonPrincipalName is re-assignable to another user. |
| eduPersonPrincipalName | urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | |
| eduPersonUniqueID | urn:oid:1.3.6.1.4.1.5923.1.1.1.13 | eduPersonUniqueID is a long-term unique identifier that will not be reused by the Identity Provider. It may be the same value as eduPersonPrincipalName if that attribute is non-re-assignable. Services shall only expect this attribute to be available from Identity Providers within SWAMID. |
| mail | urn:oid:0.9.2342.19200300.100.1.3 | More than one address can be released, but Identity Providers are recommended to release only one. |
| displayName and/or givenName and sn | urn:oid:2.16.840.1.113730.3.1.241, urn:oid:2.5.4.42, urn:oid:2.5.4.4 | A user's name can be released in different ways and it's expected that the Service Provider can handle this. |
| eduPersonAssurance | urn:oid:1.3.6.1.4.1.5923.1.1.1.11 | Services shall only expect this attribute to be available from Identity Providers within SWAMID. |
| eduPersonScopedAffiliation | urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | |
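
The identifier and name handling that this table expects of a Service Provider, as an added example that is not part of the SWAMID page. The input shape (attribute identifier mapped to a list of values), the function names, the identifier preference order and the sample values are assumptions of the example.

```python
# Added example. OIDs are the SAML2 attribute identifiers from the R&S table.
OID = {
    "eduPersonTargetedID": "urn:oid:1.3.6.1.4.1.5923.1.1.1.10",
    "eduPersonPrincipalName": "urn:oid:1.3.6.1.4.1.5923.1.1.1.6",
    "eduPersonUniqueID": "urn:oid:1.3.6.1.4.1.5923.1.1.1.13",
    "mail": "urn:oid:0.9.2342.19200300.100.1.3",
    "displayName": "urn:oid:2.16.840.1.113730.3.1.241",
    "givenName": "urn:oid:2.5.4.42",
    "sn": "urn:oid:2.5.4.4",
}

def first(attrs, name):
    """First non-empty value of a (possibly multi-valued) attribute, else None."""
    for value in attrs.get(OID[name], []):
        if value and value.strip():
            return value.strip()
    return None

def account_key(attrs):
    """Choose the identifier to key the local account on.

    Order is this example's assumption: eduPersonUniqueID is never reused; a
    released eduPersonTargetedID signals that eduPersonPrincipalName is
    re-assignable, so it is taken before eduPersonPrincipalName.
    """
    for name in ("eduPersonUniqueID", "eduPersonTargetedID", "eduPersonPrincipalName"):
        value = first(attrs, name)
        if value:
            return name, value
    raise ValueError("no user identifier released")

def display_name(attrs):
    """Use displayName when released, otherwise build the name from givenName and sn."""
    parts = [first(attrs, "givenName"), first(attrs, "sn")]
    return first(attrs, "displayName") or " ".join(p for p in parts if p) or None

def normalise(attrs):
    """Map one login's attributes (identifier -> list of values) to a local profile."""
    id_source, user_id = account_key(attrs)
    return {"id_source": id_source, "id": user_id,
            "name": display_name(attrs), "mail": first(attrs, "mail")}

# Constructed sample: an IdP whose eduPersonPrincipalName can be re-assigned.
SAMPLE = {
    OID["eduPersonPrincipalName"]: ["anna@idp.example.org"],
    OID["eduPersonTargetedID"]: ["https://idp.example.org/idp!https://sp.example.org/sp!c0nstructed"],
    OID["givenName"]: ["Anna"], OID["sn"]: ["Svensson"],
    OID["mail"]: ["anna@example.org", "anna.svensson@example.org"],
}
```

Storing `id_source` next to `id` keeps a value that arrived as eduPersonPrincipalName from ever being matched against an account keyed on a different identifier type.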

Process for applying for tagging a service with entity category REFEDS Research and Scholarship

...

GÉANT Dataprotection Code of Conduct


Definition

The GÉANT Data protection Code of Conduct (CoCo) defines an approach at a European level to meet the requirements of the European Union Data Protection Directive for releasing mostly harmless personal attributes to a Service Provider (SP) from an Identity Provider (IdP). For more information please see GEANT Data Protection Code of Conduct.

...

Expected attribute availability from an Identity Provider for attributes required by indication in metadata

| Attribute(s) | SAML2 Attribute Identifier | Comment |
|---|---|---|
| eduPersonTargetedID | urn:oid:1.3.6.1.4.1.5923.1.1.1.10 | |
| eduPersonPrincipalName | urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | |
| eduPersonUniqueID | urn:oid:1.3.6.1.4.1.5923.1.1.1.13 | eduPersonUniqueID is a long-term unique identifier that will not be reused by the Identity Provider. It may be the same value as eduPersonPrincipalName if that attribute is non-re-assignable. |
| eduPersonOrcid | urn:oid:1.3.6.1.4.1.5923.1.1.1.16 | |
| norEduPersonNIN | urn:oid:1.3.6.1.4.1.2428.90.1.5 | This attribute is for student systems that need to be synchronised with the student documentation system directly or indirectly. Within SWAMID, norEduPersonNIN can, besides Swedish Personal Numbers and Swedish Co-ordination Numbers, also contain Interim Personal Numbers from the student documentation system Ladok and the Swedish national study enrolment system. SWAMID Identity Providers only release this attribute to services registered in SWAMID. |
| personalIdentityNumber | urn:oid:1.2.752.29.4.13 | Within SWAMID, personalIdentityNumber only contains Swedish Personal Numbers or Swedish Co-ordination Numbers. SWAMID Identity Providers only release this attribute to services registered in SWAMID. |
| schacDateOfBirth | urn:oid:1.3.6.1.4.1.25178.1.2.3 | |
| mail | urn:oid:0.9.2342.19200300.100.1.3 | More than one address can be released, but Identity Providers are recommended to release only one. |
| displayName | urn:oid:2.16.840.1.113730.3.1.241 | |
| givenName | urn:oid:2.5.4.42 | |
| sn (surname) | urn:oid:2.5.4.4 | |
| cn (commonName) | urn:oid:2.5.4.3 | Because cn is used for different things in different identity management systems, it's highly recommended to use the attribute displayName instead. |
| eduPersonAssurance | urn:oid:1.3.6.1.4.1.5923.1.1.1.11 | Services shall only expect this attribute to be available from Identity Providers within SWAMID. |
| eduPersonScopedAffiliation | urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | |
| eduPersonAffiliation | urn:oid:1.3.6.1.4.1.5923.1.1.1.1 | Due to eduPersonAffiliation's non-domain-scoped nature, it's highly recommended to use the attribute eduPersonScopedAffiliation instead. |
| o (organizationName) | urn:oid:2.5.4.10 | This attribute is also available as a metadata attribute. |
| norEduOrgAcronym | urn:oid:1.3.6.1.4.1.2428.90.1.6 | |
| c (countryName) | urn:oid:2.5.4.6 | |
| co (friendlyCountryName) | urn:oid:0.9.2342.19200300.100.1.43 | |
| schacHomeOrganization | urn:oid:1.3.6.1.4.1.25178.1.2.9 | |
| schacHomeOrganizationType | urn:oid:1.3.6.1.4.1.25178.1.2.10 | |

Process for applying for tagging a service with entity category GÉANT Dataprotection Code of Conduct

...

------------------------------------------------------------------------------


SWAMID entity categories under process to be

...

deprecated

Warning

SWAMID is in the process of deprecating old entity categories. All entity-category-based attribute release will be based on the entity categories described above.

Deprecation process:

  • From 2019-10-23 all new services need to register with both the old SWAMID entity categories and the entity categories described above.
  • From 2020-09-01 all new services will only be registered with the entity categories described above, not the old SWAMID ones.
  • From 2020-09-01 to 2021-03-31 all current services will be moved from the old SWAMID entity categories to the entity categories described above.
  • On 2021-03-31 all services that still have the old entity categories will be removed from SWAMID metadata.

...

Tip

Entity categories are additive; this means that one Service Provider can have both research-and-education and sfs-1993-1153.

name below means givenName, surname, initials, displayName.


| Category | Description |
|---|---|
| research-and-education | SP is an application that directly or indirectly supports HEI institutions. |
| sfs-1993-1153 | SP is an application that fulfills SFS 1993:1153 |

SWAMID Research & Education (deprecated 2020-09-01 with transitional use until 2021-03-31)

entity-category URI

http://www.swamid.se/category/research-and-education

eduGAIN enabled: No

Warning: Will be deprecated 2020-09-01

The SWAMID Research & Education entity category is in the process of being deprecated and will in the future be replaced with REFEDS R&S or GÉANT CoCo, depending on the service.

...

Expected attribute release when paired with a SWAMID Data Protection Entity Category

| Attribute(s) | OID | Comment |
|---|---|---|
| transientId | | SAML2 session user identifier. |
| eduPersonTargetedID | 1.3.6.1.4.1.5923.1.1.1.10 | |
| eduPersonAssurance | 1.3.6.1.4.1.5923.1.1.1.11 | One or more Assurance Profiles for the user, if defined. Please see "3.3 Configure Shibboleth SP - Check for Identity Assurance or REFEDS SIRTFI" for more information. |
| eduPersonPrincipalName | 1.3.6.1.4.1.5923.1.1.1.6 | |
| mail | 0.9.2342.19200300.100.1.3 | More than one address can be released, but Identity Providers are recommended to release only one. |
| displayName, cn and/or givenName and sn | 2.16.840.1.113730.3.1.241, 2.5.4.3, 2.5.4.42, 2.5.4.4 | A user's name can be released in different ways and it's recommended that the Service Provider can handle this. |
| eduPersonScopedAffiliation | 1.3.6.1.4.1.5923.1.1.1.9 | |
| o | 2.5.4.10 | |
| norEduOrgAcronym | 1.3.6.1.4.1.2428.90.1.6 | |
| c | 2.5.4.6 | |
| co | 0.9.2342.19200300.100.1.43 | |
| schacHomeOrganization | 1.3.6.1.4.1.25178.1.2.9 | |

Process for applying for tagging a service with entity category Research & Education

...

SWAMID SFS 1993:1153 (deprecated 2020-09-01 with transitional use until 2021-03-31)

entity-category URI

http://www.swamid.se/category/sfs-1993-1153

eduGAIN enabled: No

Warning: Will be deprecated 2020-09-01

The SWAMID SFS 1993:1153 entity category is in the process of being deprecated and will in the future be replaced with GÉANT CoCo, depending on the service.

...

Expected attribute release

| Attribute | OID | Comment |
|---|---|---|
| transientId | | SAML2 session user identifier. |
| eduPersonTargetedID | 1.3.6.1.4.1.5923.1.1.1.10 | |
| eduPersonAssurance | 1.3.6.1.4.1.5923.1.1.1.11 | One or more Assurance Profiles for the user, if defined. Please see "3.3 Configure Shibboleth SP - Check for Identity Assurance or REFEDS SIRTFI" for more information. |
| norEduPersonNIN | 1.3.6.1.4.1.2428.90.1.5 | Swedish government Personal Identity Number, Swedish government temporary Co-ordination number or Swedish National Admission system interim identity number. |

Process for applying for tagging a service with entity category SFS 1993:1153

...

SWAMID HEI Service (deprecated 2020-09-01 with transitional use until 2021-03-31)

entity-category URI

http://www.swamid.se/category/hei-service

eduGAIN enabled: No

Definition

The application is provided by a Swedish Higher Education Institution (HEI) which is ultimately responsible for its operation.

...

SWAMID NREN Service (deprecated 2020-09-01 with transitional use until 2021-03-31)

entity-category URI

http://www.swamid.se/category/nren-service

eduGAIN enabled: No

Definition

The application is provided by SUNET (the Swedish National Research and Education Network, NREN) which is ultimately responsible for its operation.

...

SWAMID EU Adequate Protection (deprecated 2020-09-01 with transitional use until 2021-03-31)

entity-category URI

http://www.swamid.se/category/eu-adequate-protection

eduGAIN enabled: No

Definition

The application is compliant with either

...