- Created by Dean Woodbeck (internet2.edu), last modified by Albert Wu (internet2.edu) on Apr 06, 2020
An Identity Provider (IdP) supports the Research and Scholarship (R&S) category by releasing a minimal set of user directory information to qualified R&S service providers (SPs) and self-asserting that support via the Federation Manager management portal. Follow these steps:
1 - Release basic user directory information
The Research & Scholarship category was created to ensure that users accessing academic resources have a successful experience the first and every time. A key ingredient of that seamless experience is making sure the academic resources have the necessary user information at sign-in time to identify the user, provision access, and maintain communication.
To accomplish that objective, the REFEDS Research & Scholarship category specifies a minimum set of user attributes that a qualifying Identity Provider shares and that a qualified R&S Service Provider agrees to keep safe. To support R&S, an IdP must release at least the following attributes:
eduPersonPrincipalName
mail
displayName OR (givenName AND sn)
(eduPersonTargetedID)
To ensure proper identity binding, an IdP must release a non-reassigned persistent identifier. If your implementation of eduPersonPrincipalName meets that requirement, it will suffice. Otherwise, you MUST also release eduPersonTargetedID (which is non-reassigned by definition) in addition to eduPersonPrincipalName. We recommend releasing both.
Learn more: read the REFEDS R&S entity category specification
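One way to check a test user's release against the minimum set above, as an added example that is not part of the original page or any InCommon tooling. The function name, the input shape (attribute name mapped to a list of values) and the sample user are assumptions made for illustration.

```python
def _released(attrs, name):
    """True if the attribute is present with at least one non-blank value."""
    return any(str(v).strip() for v in attrs.get(name, []))


def check_rs_release(attrs, eppn_is_reassigned):
    """Return (errors, warnings) for one user's released attributes.

    attrs: dict mapping attribute name -> list of values, as decoded from
           a test sign-in (hypothetical input shape).
    eppn_is_reassigned: True if your eduPersonPrincipalName values can be
           reassigned to a different person over time.
    """
    errors, warnings = [], []

    for name in ("eduPersonPrincipalName", "mail"):
        if not _released(attrs, name):
            errors.append(f"missing {name}")

    # displayName OR (givenName AND sn)
    has_display = _released(attrs, "displayName")
    has_split = _released(attrs, "givenName") and _released(attrs, "sn")
    if not (has_display or has_split):
        errors.append("missing displayName or (givenName and sn)")

    # A non-reassigned persistent identifier is mandatory.
    has_tid = _released(attrs, "eduPersonTargetedID")
    if eppn_is_reassigned and not has_tid:
        errors.append("eduPersonPrincipalName is reassigned: "
                      "eduPersonTargetedID must also be released")
    elif not has_tid:
        warnings.append("eduPersonTargetedID not released (recommended)")

    return errors, warnings


# Constructed sample: givenName without sn, blank displayName, no targeted ID.
SAMPLE = {
    "eduPersonPrincipalName": ["jdoe@example.edu"],
    "mail": ["jdoe@example.edu"],
    "givenName": ["Jane"],
    "displayName": [" "],
}

if __name__ == "__main__":
    errs, warns = check_rs_release(SAMPLE, eppn_is_reassigned=True)
    for line in errs + warns:
        print(line)
```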
Releasing information for only a subset of your users
When configuring release rules, the R&S category does not require you to release information for all of your users. It is sufficient to release information for users who are likely to participate in cross-organization scholarly collaborations. Remember: overly strict release rules force you to process exception release requests frequently, which defeats the goal of enabling seamless, on-demand access to research and scholarly collaboration.
If you have a user information release consent mechanism in place, it may be a good way to reduce the manual handling of exception release requests.
2 - Configuring an IdP to release R&S attributes
See: Configure IdP to release R&S attributes
3 - Declare Support for Research & Scholarship in the Federation Manager
Once you have configured your IdP to release the appropriate attributes, let others know about it by tagging your IdP with the "Support R&S" entity attribute in the Federation Manager. To learn how, see Declare your support for R&S in Federation Manager.
Check these items while you are in the Federation Manager
As you make updates to your IdP metadata in the Federation Manager, it is a good time to double check that your IdP has current MDUI information (display name, logo URL, privacy statement, information URL, etc.) and contact information.
In addition, add your Error Handling URL to your metadata. It lets SPs direct the user back to you for assistance should s/he encounter trouble signing into an R&S SP because the necessary attributes aren't there at sign-in time.
Further reading
- Releasing a dynamic subset of the R&S attribute bundle based on requested attributes in SP metadata
- Research and Scholarship FAQ.
- Which InCommon IdP and SP is in R&S?