Entity categories is used for data release minimization and scalable attribute release from an Identity Provider within SWAMID to a Service Provider in SWAMID and/or eduGAIN.

If an owner of a Service and the Identity Provider Home Organisation has a bilateral agreement the attribute release can be extended with additional attributes based on the agreement.

Best Practice attribute release based on entity categories

x - Attribute is released if it's available in the Home Organisation Identity Provider.
o - Attribute is released only if requested and required in the metadata for the service and if it's available in the Home Organisation Identity Provider.

AttributSAML2 Attribute IdentifierWithout enitity categoryGÉANT CoCoREFEDS R&SSWAMID R&E

SWAMID SFS-1993-1153





Attribute released "only if requested and required" in metadata1.

Note that norEduPersonNIN and personalIdentityNumber has additional restrictions2.




No new EntityID will be permitted to use this category from SWAMID 2020-09-01.

This entity category is deprecated and will be removed from all entities 2021-03-31. The process of removal will start 2020-09-01.


SWAMID R&E is used in pair with one of the entity categories SWAMID EU-Adequate-Protection, SWAMID NREN-Service and SWAMID HEI-Service



No new EntityID will be permitted to use this category from SWAMID 2020-09-01.

This entity category is deprecated and will be removed from all entities 2021-03-31. The process of removal will start 2020-09-01.


Attributes released only for users with a Swedish personal identity number (sv. personnummer), a Swedish co-ordination number (sv. samordningsnummer) or a organisational student interim identity number (sv. interimspersonnummer)


eduPersonTargetedIDurn:oid:1.3.6.1.4.1.5923.1.1.1.10
ox3

eduPersonPrincipalNameurn:oid:1.3.6.1.4.1.5923.1.1.1.6 oxx 
eduPersonUniqueID4urn:oid:1.3.6.1.4.1.5923.1.1.1.13 oxx 
eduPersonOrcidurn:oid:1.3.6.1.4.1.5923.1.1.1.16 o 
 
norEduPersonNINurn:oid:1.3.6.1.4.1.2428.90.1.5 o2
 x
personalIdentityNumberurn:oid:1.2.752.29.4.13 o2
  
schacDateOfBirthurn:oid:1.3.6.1.4.1.25178.1.2.3 
o


mailurn:oid:0.9.2342.19200300.100.1.3 oxx 
displayNameurn:oid:2.16.840.1.113730.3.1.241 oxx 
cn (commonName)urn:oid:2.5.4.3 o x 
givenNameurn:oid:2.5.4.42 oxx 
sn (surname)urn:oid:2.5.4.4 oxx 
eduPersonAssuranceurn:oid:1.3.6.1.4.1.5923.1.1.1.11 oxxx
eduPersonScopedAffiliationurn:oid:1.3.6.1.4.1.5923.1.1.1.9 oxx 
eduPersonAffiliationurn:oid:1.3.6.1.4.1.5923.1.1.1.1 o   
o (organizationName)urn:oid:2.5.4.10 o x 
norEduOrgAcronymurn:oid:1.3.6.1.4.1.2428.90.1.6 o x 
c (countryName)urn:oid:2.5.4.6 o x 
co (friendlyCountryName)urn:oid:0.9.2342.19200300.100.1.43 o x 
schacHomeOrganizationurn:oid:1.3.6.1.4.1.25178.1.2.9 o x 
schacHomeOrganizationTypeurn:oid:1.3.6.1.4.1.25178.1.2.10 o   


  1. The entity category GÉANT Code of Conduct does not have a specific attribute bundle. Instead of an attribute bundle it uses attribute request in metadata for specific required attributes.
  2. norEduPersonNIN and personalIdentityNumber shall only be released when required by entities registered with in SWAMID (registrationAuthority="http://www.swamid.se/").
  3. eduPersonTargetedID should only be released in with the entity category REFEDS Research & Scholarship if eduPersonPrincipalName is reassignable.
  4. eduPersonUniqueID must be a long term unique identifier that will not be reused. If eduPersonPrincipalName is non-reassignable then eduPersonUniqueID can have the same value as eduPersonPrincipalName.

URI for all entity categories used within SWAMID

Entity categoryUnique identifier
GÉANT CoCohttp://www.geant.net/uri/dataprotection-code-of-conduct/v1
REFEDS R&Shttp://refeds.org/category/research-and-scholarship
SWAMID R&Ehttp://www.swamid.se/category/research-and-educationIs deprecated and will be completely removed 2021-03-31
SWAMID SFS-1993-1153http://www.swamid.se/category/sfs-1993-1153Is deprecated and will be completely removed 2021-03-31
SWAMID EU-Adequate-Protectionhttp://www.swamid.se/category/eu-adequate-protectionIs deprecated and will be completely removed 2021-03-31
SWAMID NREN-Servicehttp://www.swamid.se/category/nren-serviceIs deprecated and will be completely removed 2021-03-31
SWAMID HEI-Servicehttp://www.swamid.se/category/hei-serviceIs deprecated and will be completely removed 2021-03-31


URI for all assurance profiles used within SWAMID

EntitetskategoriUnik identifierare
SWAMID AL1http://www.swamid.se/policy/assurance/al1
SWAMID AL2http://www.swamid.se/policy/assurance/al2
SWAMID AL2-MFA-HIhttps://www.swamid.se/policy/authentication/swamid-al2-mfa-hi
REFEDS Assurance Frameworkhttps://refeds.org/assurance/*
REFEDS SIRTFIhttps://refeds.org/sirtfi