Setting up a new edu-ID Home Organization

This checklist informs about various facts and requirements the customer needs to know and provide so that the edu-ID onboarding can be initiated. It covers administrative as well as technical topics.

1. "Federation Partner Plus" Service Agreement

Unless the customer is a SWITCH foundation beneficiary (Swiss university) and already subscriber of other SWITCH services, the SWITCH edu-ID service is ordered by sending the signed service agreement to SWITCH.
SWITCH will prepare the "Federation Partner Plus" service agreement according to the information received by the customer. The following list describes the various sections of the service agreement and specifies which information SWITCH needs to be provided with.

 

Customer / Person ordering the service

Please specify the full name and address of the customer institution requesting the service. The service agreement needs to be signed by a person entitled to order the service. Please specify the name and the function of this person.

In case invoices should be sent to a specific address/person, please indicate this as well.

 

Home Organisation contact persons

The customer institution needs to designate one or two contact persons who will be responsible for administrating the customer’s Home Organisation in the SWITCHaai Federation.

These persons should have a basic knowledge of the SWITCH edu-ID legal framework and the technical framework of the SWITCHaai Federation.
These persons’ duties will be managing the attribute release policy for releasing affiliation related attributes to services and being the local contact persons for edu-ID related topics.
Furthermore, SWITCH will direct technical inquiries or announcements regarding the edu-ID service to these contacts.

 

Home Organisation technical contact persons

The customer institution needs to designate one or two contact persons who will be responsible for the technical deployment of the onboarding at the customer institution.

 

Launching date

Please specify a launching date. If SWITCH agrees, the service will be operational and charged from then on.

2. Technical information and requirements

This chapter lists some technical requirements the customer institution has to ensure and some pieces of information SWITCH requires for the SWITCH edu-ID onboarding of the institution.

 

Home Organisation Name based on customer’s DNS name

In the SWITCHaai Federation, each participating organisation with an Identity Provider (IdP) is identified by its globally unique Home Organisation Name.
Usually, the organisation's main domain name is used as identifier, e.g. example.org

The institutional IdP service will run under a DNS name in the eduid.ch domain. For a Home Organisation Name example.org, the name of the IdP service would be example.login.eduid.ch. Users will never need to manually enter this name, but they will see it during the login process as part of the IdP’s service URL.

 

 

Institutional logos

The customer institution has to specify one logo in two sizes.

Requirements

  • One small logo, a favicon PNG graphic of 16x16 pixels
  • One larger logo, ideally an SVG graphic or a PNG graphic with a transparent background, with dimensions of about 80x60 pixels.

SWITCH requires

Files containing these two logos, or URLs where these logos can be downloaded from.

 

 

Information to support end users

In case of user questions regarding their institutional affiliation, the SWITCH edu-ID helpdesk needs to know where to redirect these users to.

Requirement

The customer institution must ensure that the organization’s helpdesk is ready to support users regarding issues with their institutional affiliation and the SWITCH edu-ID service.

SWITCH requires

  • URL, e-mail address and/or phone number to the organization’s helpdesk.
  • URL of the user support web page

 

 

Minimum set of attributes to be supported by the Home Organization

In the SWITCHaai Federation, all Home Organisation must be able to provision a minimum set of attributes per user via attribute synchronization.

A Home Organization must at least support all SWITCHaai Core Attributes

If the customer’s user directory contains the information to provision further attributes as specified in the Attribute Specification, the customer is encouraged to provide SWITCH a list of the additional attributes planned to provision.

Requirement