Versions Compared

Old Version 14

changes.mady.by.user Marina Adomeit

Saved on

compared with

New Version 22

changes.mady.by.user Wenche Backman-Kamila

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
outlinetrue

...

eduroam NRO has the full authority to decide and invite the IdPs from NRO's constituency to use eduroam CAT and Managed IdP supporting tools.

For the eduroam Managed IdP tool, there is a limit of a maximum number of 10.000 active end users per NRO. Should the number of active end users within an NRO's constituency exceed this number, eduroam Operations team will contact respective NRO to determine further steps. That limit is not technically enforced and can be followed up with delay and asynchronously. So, no online notification in any way is foreseen.

Purpose and scope

eduroam CAT

...

An NRO administrator accredits new eduroam IdPs, changes IdP details, or deprovisions eduroam IdPs. The primary vehicle for this is not eduroam CAT, but the official eduroam database, which contains all registered IdPs and their contact details.

...

The web presence of eduroam Managed IdP is https://hosted.eduroam.org

Terms of use

eduroam NRO has the full authority to decide and invite the IdPs from NRO's constituency to use eduroam CAT and Managed IdP supporting tools.

For the eduroam Managed IdP tool, there is a limit of a maximum number of 10.000 active end users per NRO. Should the number of active end users within an NRO's constituency exceed this number, eduroam Operations team will contact respective NRO to determine further steps. That limit is not technically enforced and can be followed up with delay and asynchronously. So, no online notification in any way is foreseen.

Nomenclature

The NRO administrator interface of eduroam CAT and eduroam Managed IdP are largely identical. The remainder of this document will refer to both as "the toolset".

...

For users with the NRO management privilege, the toolset provides a dedicated web interface which allows them to

  • invite a new IdP to use eduroam CATthe toolset
  • add new representatives to existing IdPs
  • delete representatives of existing IdPs
  • take control over an IdP
  • manage the relationship between an IdP in the toolset vs. an IdP in the official eduroam database

...

Once an IdP exists in in the toolset (i.e. once the first invitation token for the IdP has been redeemed by an invitee), the IdP admin can add more administrators or delete others as he sees fit. You can do the same though, by using the "Add/Remove Administrators" link on the right side of the list of IdPs. Please consult the IdP-level guides to the respective tool of the toolset for further details of administrator management, available here for CAT and here for Managed IdP.

Take control over an IdP

...

Manage the relationship between an IdP in eduroam CAT vs. an IdP in the official eduroam database

Since the official eduroa eduroam database contains only production-level eduroam IdPs, but the CAT can also be made available to IdPs which are still in a setup/bootstrap phase, the databases of the tools are not in perfect sync. To avoid fragmentation and desynchronisation of the databases, NRO administrators are encouraged to link the same IdP in both databases together.

...

  • Creation of a new IdP
  • Creation of a new Profile for an IdP
  • Listing and Adding administrtators administrators of an IdP
  • For eduroam Managed IdP, managing user populations inside IdP profiles

...

The authoritative reference for the list of ACTIONs is on GitHub, https://github.com/GEANT/CAT/blob/masterrelease_2_0/web/lib/admin/API.php : the class constants API::ACTION_* are the available strings to put into the JSON ACTION field.

...

The authoritative reference for the list of PARAMETERs is on GitHub, https://github.com/GEANT/CAT/blob/masterrelease_2_0/web/lib/admin/API.php : the class constant API::ACTIONS contains two sets of parameters each, "REQ" = required parameters, "OPT" = optional parameters,

...

The HTTP POST will be answered with a "result" field, which is either "SUCCESS" or "ERROR". It is accompanied by a "details" field, which contains either the response details, or in the case of error, an additional "errorcode" and "description".

The content of the response details is given in the constant API::ACTIONS along with the list of parameters (see above) as "RETVAL".

The auhoritative authoritative reference for the list of error codes is on GitHub, https://github.com/GEANT/CAT/blob/masterrelease_2_0/web/lib/admin/API.php : the class constants API::ERROR_*

...