Entity categories are used for data release minimization and scalable attribute release from an Identity Provider within SWAMID to a Service Provider in SWAMID and/or eduGAIN.
If an owner of a Service and the Identity Provider Home Organisation has a bilateral agreement the attribute release can be extended with additional attributes based on the agreement.
Please note that the old entity categories SWAMD Research and Education and SWAMID SFS 1993:1153 is deprecated and will removed from all services metadata at the end of 2022.
x - Attribute is released if it's available in the Home Organisation Identity Provider.
o - Attribute is released only if requested and required in the metadata for the service and if it's available in the Home Organisation Identity Provider.
SAML2 Attribute Identifier | Friendly Name | Without enitity category | Data protection Code of Conduct (REFEDS CoCo v2 and GÉANT CoCo v1) | REFEDS Personalized Access Entity Category | REFEDS Pseudonymous Access Entity Category | REFEDS Anonymous Access Entity Category | REFEDS Research and Scholarship Entity Category (R&S) | European Student Identifier Entity Category | |
---|---|---|---|---|---|---|---|---|---|
| |||||||||
urn:oasis:names:tc:SAML:attribute:pairwise-id | pairwise-id | o | x | ||||||
urn:oasis:names:tc:SAML:attribute:subject-id | subject-id | o | x | ||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.10 | eduPersonTargetedID | o | (x3) | ||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | eduPersonPrincipalName | o | x | ||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.16 | eduPersonOrcid | o4 | |||||||
urn:oid:1.3.6.1.4.1.2428.90.1.5 | norEduPersonNIN | o2 | |||||||
urn:oid:1.2.752.29.4.13 | personalIdentityNumber | o2 | |||||||
urn:oid:1.3.6.1.4.1.25178.1.2.3 | schacDateOfBirth | o | |||||||
urn:oid:0.9.2342.19200300.100.1.3 | o | x | x | ||||||
urn:oid:2.16.840.1.113730.3.1.13 | mailLocalAddress | o5 | |||||||
urn:oid:2.5.4.42 | givenName | o6 | x6 | x6 | |||||
urn:oid:2.5.4.4 | sn (aka surname) | o6 | x6 | x6 | |||||
urn:oid:2.16.840.1.113730.3.1.241 | displayName | o6 | x6 | x6 | |||||
urn:oid:1.3.6.1.4.1.2428.90.1.10 | norEduPersonLegalName | o6 | |||||||
urn:oid:2.5.4.3 | cn (aka commonName) | o6 | |||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.11 | eduPersonAssurance | o | x | x | x7 | ||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | eduPersonScopedAffiliation | o | x | x | x | x | |||
urn:oid:1.3.6.1.4.1.5923.1.1.1.1 | eduPersonAffiliation | o | |||||||
urn:oid:2.5.4.10 | o (aka organizationName) | o | |||||||
urn:oid:1.3.6.1.4.1.2428.90.1.6 | norEduOrgAcronym | o | |||||||
urn:oid:2.5.4.6 | c (aka countryName) | o | |||||||
urn:oid:0.9.2342.19200300.100.1.43 | co (aka friendlyCountryName) | o | |||||||
urn:oid:1.3.6.1.4.1.25178.1.2.9 | schacHomeOrganization | o | x | x | x | ||||
urn:oid:1.3.6.1.4.1.25178.1.2.10 | schacHomeOrganizationType | o | |||||||
urn:oid:1.3.6.1.4.1.25178.1.2.14 | schacPersonalUniqueCode | x8 |
Entity category | Unique identifier | |
---|---|---|
GÉANT Data Protection Code of Conduct Entity Category | http://www.geant.net/uri/dataprotection-code-of-conduct/v1 | |
REFEDS Data Protection Code of Conduct Entity Category | https://refeds.org/category/code-of-conduct/v2 | |
REFEDS Personalized Access Entity Category | https://refeds.org/category/personalized | |
REFEDS Pseudonymous Access Entity Category | https://refeds.org/category/pseudonymous | |
REFEDS Anonymous Access Entity Category | https://refeds.org/category/anonymous | |
REFEDS Research and Scholarship Entity Category (R&S) | http://refeds.org/category/research-and-scholarship | |
European Student Identifier Entity Category (ESI) | https://myacademicid.org/entity-categories/esi | |
SWAMID R&E | http://www.swamid.se/category/research-and-education | Deprecated and decommisoned |
SWAMID SFS-1993-1153 | http://www.swamid.se/category/sfs-1993-1153 | Deprecated and decommisoned |
SWAMID EU-Adequate-Protection | http://www.swamid.se/category/eu-adequate-protection | Deprecated and decommisoned |
SWAMID NREN-Service | http://www.swamid.se/category/nren-service | Deprecated and decommisoned |
SWAMID HEI-Service | http://www.swamid.se/category/hei-service | Deprecated and decommisoned |
Entitetskategori | Unik identifierare | |
---|---|---|
SWAMID AL1 | http://www.swamid.se/policy/assurance/al1 | |
SWAMID AL2 | http://www.swamid.se/policy/assurance/al2 | |
SWAMID AL3 | http://www.swamid.se/policy/assurance/al3 | |
SWAMID AL2-MFA-HI | https://www.swamid.se/policy/authentication/swamid-al2-mfa-hi | Deprecated and decommisoned |
REFEDS Assurance Framework | https://refeds.org/assurance/* | |
REFEDS Security Incident Response Trust Framework for Federated Identity (SIRTFI) version 1 | https://refeds.org/sirtfi | |
REFEDS Security Incident Response Trust Framework for Federated Identity (SIRTFI) version 2 | https://refeds.org/sirtfi2 |