About ECHE Whitelist
Some academic institutions would like to participate in student mobility programs or university alliances but they are facing obstacles. They are not part of a federation, they do not have their own Identity Provider (IdP) or they can not release the necessary attributes about their students. The ECHE Whitelist is a list of organizations that are allowed to use Perun as a virtual IdP. Students can log in with their social IdPs or national identities (eID). Perun enriches the attributes from the social IdP with the necessary attribute containing the students' identifiers from their academic institution.
...
User enrollment
Students register using application forms where they fill in their student number - the unique identifier of a student within their institution. The IROs are responsible for independently verifying the student's identity outside of Perun's environment and subsequently approving their application. From that point on, students can use Perun as a virtual IdP providing their student identifier.
Adding new institutionsÂ
The list of institutions eligible for the ECHE Whitelist is updated annually by the European Commission. This information is processed by GÉANT and relayed to Perun team members using personal communication channels such as emails. The Perun team has
scripts in the GÉANT GitLab repository that are capable of adding the new institutions from a csv file. The data received by the Perun team has to be parsed into a single csv file with the following schema: shacHomeOrganization;Country;Organisation Name. This file can contain institutions that already exist in Perun as well as new organizations. The scripts verify whether the institution exists before creating its new representation in Perun. Sometimes the data needs to be cleaned from duplicities, incorrect shacHomeOrganization format or similar inconsistencies.
Test run
Running the script eche_iolr_acceptance.py consumes info about the whitelisted institutions from test.csv and updates the acceptance instance of MyAcademicID - https://vo.acc.myacademicid.org/Â
Verifying that the creation was successful:
Production run
Running the script eche_iolr_production.py consumes info about the whitelisted institutions from production.csv and updates the production instance of MyAcademicID - https://vo.myacademicid.org/Â
Removal of institutions
Presently, the removal of institutions from the whitelist is not automated. Please contact Perun team members for manual removal of institutions that should no longer be whitelisted.
Technical notes
dsa
Perun team contacts
Peter Bolha - bolha@censet.cz (development, operations)
Matej Jošťák - jostak@cesnet.cz (deployment, operations)
Pavel Zlámal - zlamal@cesnet.cz (deployment, operations)
...