Social identity providers
This is a bridge documentation for a social identity providers. Bridge provides a translation between the authentication mechanism of a social identity provider and the SAML2 protocol.
Service registration for social IdP
This part of the guide is only for service providers who are not part of eduID.cz federation.
If your service provider is part of eduID.cz federation, follow this guide, please.
Send an email to login@cesnet.cz with the following items:
- Service name
- Service description
- Contact email (we prefer impersonal emails)
- SAML2 metadata
- Production / testing service
- Privacy Policy Url (for production services)
- Required attributes together with justification (available attributes see below).
Download the appropriate metadata file and wait for the e-mail confirmation.
Available attributes
- eduPersonPrincipalName- contains the user identifier of the social provider
- displayName
- mail
- schacHomeOrganization - see bellow
Google Social IdP
- User identifier: <Google ID>@google.extidp.cesnet.cz
- schacHomeOrganization: google.com
Facebook Social IdP
- User identifier: <Targeted Facebook ID>@facebook.extidp.cesnet.cz
- schacHomeOrganization: facebook.com
LinkedIn Social IdP
- User identifier: <LinkedIn ID>@linkedin.extidp.cesnet.cz
- schacHomeOrganization: linkedin.com
ORCid Social IdP
- User identifier: <ORCID ID>@orcid.extidp.cesnet.cz
- schacHomeOrganization: orcid.org
Github Social IdP
- User identifier: <Github ID>@github.extidp.cesnet.cz
- schacHomeOrganization: github.com