Setting up Federated Identity Management with EDUCAUSE

EDUCAUSE recently began establishing trust relationships with members of The InCommon Federation. The relationships will increase security and streamline access among a group of web sites that EDUCAUSE creates and maintains for its members. In order to use the system and to ensure quality of service, we have established a self-service system that allows key representatives to map their Identity Provider (IdP) to the organization that he or she represents.

EDUCAUSE has recently made changes to its Identity Management configuration. EDUCAUSE has been granted Research & Scholarship (R&S) classification within the InCommon Federation. Information about R&S, and how to configure your IdP to support it, is available below:

To get started, you'll need to configure your organization's IdP software to recognize the EDUCAUSE Service Provider (SP). Please contact your organization's identity management personnel to get started. They will need information about the attributes below.

To add your organization's IdP contact [email protected] and include your name, contact information, and the entityID for your organization's IdP. Please confirm that your IdP is configured to release the required attributes described below.

Configuring Your Identity Provider

Your identity management personnel will need the information below before starting the setup process.

Entity ID

The Entity ID for our Service Provider is

Required Attributes

eppn urn:oid:
sn urn:oid:
givenName urn:oid:
mail urn:oid:0.9.2342.19200300.100.1.3
affiliation * urn:oid:


Please note that only valid public keys published in the form of x.509 certificates in your IdP's metadata will be accepted. Expired certificates will not work. More information regarding certificates in metadata can be found on the InCommon Federation website.


If you have questions, comments or concerns about these attributes, please contact [email protected]