Identity Management Processes

Overview

The edu-ID service covers the following identity management processes:

Process	Description
Account creation	A user creates an account
Account update	A user updates her account details
Onboarding (affiliation creation)	Registering a new member at the organization Registering a current aai-member with edu-ID Registering a non-personal technical account
Offboarding (affiliation removal)	A member leaves the organization
Affiliation update	The organization changes attributes or the status of a member
Duplicate resolution	Detection and resolution of duplicate edu-ID accounts
Temporary affiliation blocking	A user organizational membership link is temporarly disabled
Password management	Setting, re-setting the password for the federated login
Two step login setup	Setting up multi-factor authentication for federated login
Account deletion	An edu-ID account is removed

Depending on the requirements of universities, more processes or features may be added in the future like:

Personal user data is updated based on external source (i.e. another university, SwissID, governmental e-ID)
Identity check: edu-ID (or a third party) vets the identity of a user