Social identity providers

This is a bridge documentation for a social identity providers. Bridge provides a translation between the authentication mechanism of a social identity provider and the SAML2 protocol.

Service registration for social IdP

This part of the guide is only for service providers who are not part of eduID.cz federation.

If your service provider is part of eduID.cz federation, follow this guide, please.

Send an email to login@cesnet.cz with the following items:

Service name
Service description
Contact email (we prefer impersonal emails)
SAML2 metadata
Production / testing service
Privacy Policy Url (for production services)
Required attributes together with justification (available attributes see below).

Download the appropriate metadata file and wait for the e-mail confirmation.

Available attributes

eduPersonPrincipalName- contains the user identifier of the social provider
displayName
mail
schacHomeOrganization - see bellow

Google Social IdP

User identifier: <Google ID>@google.extidp.cesnet.cz
schacHomeOrganization: google.com
Metadata

Facebook Social IdP

User identifier: <Targeted Facebook ID>@facebook.extidp.cesnet.cz
schacHomeOrganization: facebook.com
Metadata

LinkedIn Social IdP

User identifier: <LinkedIn ID>@linkedin.extidp.cesnet.cz
schacHomeOrganization: linkedin.com
Metadata

ORCid Social IdP

User identifier: <ORCID ID>@orcid.extidp.cesnet.cz
schacHomeOrganization: orcid.org
Metadata

Github Social IdP

User identifier: <Github ID>@github.extidp.cesnet.cz
schacHomeOrganization: github.com
Metadata

aai.cesnet.cz

Sidebar

Table of Contents