What is the EWP Admin role?
The EWP Admin role (Erasmus Without Paper Administrator role) has been defined to enable authorised representatives of Higher Education Institutions (HEIs) participating in Erasmus+ activities to login in a federated manner to EWP tools to manage their EWP information and settings.
The EWP Admin is encoded as an eduPersonEntitlement
, assigned by the HEI participating in the Erasmus+ to the staff members that need to access the EWP network management tools (such as EWP Registration Portal, etc.).
The EWP Admin role is transported via eduGAIN, upon successful authentication of the entitled staff.
EWP Admin Role Specification
For HEIs/Identity Providers
HEIs supporting the EWP Admin role should release this information for the appropriate staff members in the SAML2 Assertions issued by their Identity Provider as an eduPersonEntitlement
attribute with the following value:
urn:geant:erasmuswithoutpaper.eu:ewp:admin
For more information about the full list of attributes expected from Identity Providers, read Attributes required from Higher Education Institutions
For EWP Service Providers
- EWP Services which use SAML2 to connect to MyAcademicID will receive the information as an
eduPersonEntitlement
attribute. - EWP Services which use the OpenID Connect to connect to MyAcademicID will receive the information as an entitlement claim.
urn:geant:myacademicid.org:<sHO>:ewp:admin
<sHO> is the Higher Education Institution's schacHomeOrganization value.
Ex: urn:geant:myacademicid.org:geant.org:ewp:admin