Scenario Background

A person has enrolled as a student and has activated an institutional credential (a 'netid'). The student is approaching graduation and would like to link an external credential (e.g. a Facebook account) so that she can access her transcripts and electronic diploma without having to maintain an institutional credential.


Narrative Walkthrough

  1. The person authenticates to an institutionally provided account management application, or to the Resource Catalog.
  2. If the institution allows linking an external credential, the Resource Catalog or institutionally provided application allows the user to issue a request.
  3. The Provisioning Service triggers any workflow or approval required, and invokes the Person Update service (or messages the Person Update queue) to inform the Entity Registry of the newly assigned credential.
  4. The credential is now available as an identifier for use in attribute authority queries.
  5. After graduation, the student attempts to access her Electronic Diploma. She selects "Login Using Facebook" and is redirected to the Facebook IdP for authentication. After successful authentication, the Electronic Diploma SP issues an attribute authority (AA) request to the institution's attribute authority using her Facebook EPPN. This AA call returns her unique identifier in the Student Information System so that her transcripts and electronic diploma can be retrieved.
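
The walkthrough above, modelled as an added example that is not part of the original scenario or of any project's code: a link is requested under institutional authentication, stays unusable until approved, and the attribute authority lookup resolves only an approved (IdP, identifier) pair. `EntityRegistry`, `ALLOWED_EXTERNAL_IDPS`, the method names and the sample identifiers are hypothetical.

```python
from dataclasses import dataclass, field

# Assumption: institutional policy names the external IdPs that may be linked (step 2).
ALLOWED_EXTERNAL_IDPS = {"facebook"}

@dataclass
class EntityRegistry:
    # Keyed on (idp, external_id) so the same identifier string asserted by a
    # different IdP never resolves to this person.
    links: dict = field(default_factory=dict)

    def request_link(self, authenticated_sis_id, idp, external_id):
        """Steps 1-2: only an institutionally authenticated person may request a link."""
        if not authenticated_sis_id:
            raise PermissionError("institutional authentication required")
        if idp not in ALLOWED_EXTERNAL_IDPS:
            raise PermissionError("linking not allowed for this IdP")
        existing = self.links.get((idp, external_id))
        if existing is not None:
            if existing["sis_id"] != authenticated_sis_id:
                raise ValueError("external credential already linked to another person")
            return  # idempotent: a repeat request does not reset approval state
        self.links[(idp, external_id)] = {"sis_id": authenticated_sis_id, "approved": False}

    def approve_link(self, idp, external_id):
        """Step 3: workflow/approval finished; Person Update records the credential."""
        self.links[(idp, external_id)]["approved"] = True

    def aa_lookup(self, idp, external_id):
        """Steps 4-5: attribute authority query; returns the SIS identifier or None."""
        link = self.links.get((idp, external_id))
        if link is None or not link["approved"]:
            return None  # unlinked or still pending: release nothing
        return link["sis_id"]

def demo():
    # Constructed sample identifiers, not real accounts.
    reg = EntityRegistry()
    reg.request_link("S0012345", "facebook", "fb-user-1001")
    pending = reg.aa_lookup("facebook", "fb-user-1001")
    reg.approve_link("facebook", "fb-user-1001")
    approved = reg.aa_lookup("facebook", "fb-user-1001")
    unlinked = reg.aa_lookup("facebook", "fb-user-9999")
    return pending, approved, unlinked

if __name__ == "__main__":
    print(demo())
```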
