Processes to link organizational members to edu-ID
An Organisation that has adopted SWITCH edu-ID needs to make sure that each member (student, staff, further education student) has an edu-ID identity that it is linked to their local, organisational identity.
A link between a local, organizational identity and an edu-ID identity is established once
- the organization can associate a local identity to an edu-ID identity (via its edu-ID identifier), and
- edu-ID can associate an edu-ID identity to an organisation (via its organizational unique identifier)
The most common linking processes are
This scenario may be applied by organisations that have implemented online member registration processes using a web page or web form. This registration process gets extended with an edu-ID linking step. Applicants are required to log in at the organization with their edu-ID identity. Applicants without an edu-ID identity create one on the fly.
As a result, the organisation receives the applicants registration data along with the edu-ID identifier. If the applicant is not admitted, all registration data is discarded. If the applicant is admitted, the organization's IdM creates an affiliation in the edu-ID identity.
In this approach, the processes to register new organisation members remain untouched. Linking with an edu-ID identity takes place after a person has been accepted as member and the organisational identity is created and activated.
- The new organization member is invited - usually by email - to create and link their edu-ID identity
- The member navigates to the organizational linking service and has to authenticate against the local identity management system
- The organizational linking service associates the edu-ID identifier to the local, organisational identity
- After successful linking, the organisational IdM creates/adds an affiliation to the person's edu-ID identity
|Linking at Registration||
|Linking after Admission||
Note that the linking approaches can be mixed. It is for example possible to link students at-registration while staff members are linked after-admission.