Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

What is the EWP Admin role?

The EWP Admin role (Erasmus Without Paper Administrator role) has been defined to enable authorised representatives of Higher Education Institutions (HEIs) participating in Erasmus+ activities to login in a federated manner to EWP tools to manage their EWP information and settings.

...

The EWP Admin role is transported via eduGAIN, upon successful authentication of the entitled staff.

EWP Admin Role Specification

For HEIs/Identity Providers

HEIs supporting the EWP Admin role should shall release this information for the appropriate staff members in the SAML2 Assertions issued by their Identity Provider to MyAcademicID as an eduPersonEntitlement attribute with the following value:

...

For more information about the full list of attributes expected from Identity Providers, read Attributes required from Higher Education Institutions

For EWP Service Providers

EWP Services requiring the EWP Admin role, they will receive it from MyAcademicID either as a SAML2 attribute named eduPersonEntitlement (urn:oid:1.3.6.1.4.1.5923.1.1.1.7)  or an OpenID Connect claim named entitlement with the following value:

Code Block
urn:geant:myacademicid.org:<sHO>:ewp:admin

<sHO> is the Higher Education Institution's schacHomeOrganization value.

...

Read: Attributes available to Relying Parties#Entitlements