SAML2 WebSSO Service Definition

Authentication and attribute transfer of users who have an electronic identity at Dalarna University.

General description of SAML2 WebSSO

The service provides authentication of users which have an electronic idenitity at Högskolan Dalarna, together with release of attributes pertaining to the authenticated user. The provider of the service/centre of learning is a member of SWAMID, the Swedish identity federation for Research and higher education. The service has been deployed in accordance with SWAMID’s policy and encompassing rules and guidelines which have been laid down by SWAMID.

The service and limitations of service

Högskolan Dalarna undertakes to guarantee the availability of the service in accordance with Högskolan Dalarna’s requirements and expectations. Högskolan Dalarna follows SWAMID’s recommendations for release of attributes based upon entity categories. Högskolan Dalarna reserves the right to change the actually released attributes, having communicated such with a service provider, regardless of the recommendations from SWAMID concerning the entity category the service provider has been placed in.

Policy for personal integrity

The service adheres to the policy for the handling of personal data which has been published by Högskolan Dalarna.

The identity provider performs authentication on behalf of a service that Dalarna University has knowledge of, either by metadata delivered via SWAMID or by an agreement between the service and Dalarna University. Depending on the type of service involved, the purpose of the service and what relationship the service has to Dalarna University, the IdP delivers one or more user attributes to the service. This procedure follows the intentions of the Swedish Personal Data Act.

All web services have access to a unique identifier that makes it possible for the user to make settings at logon and access the same settings at the next login. This identifier is unique to this particular service and does not become available to other Web services.

Services that are categorized in SWAMID's metadata (using entity categories) will receive attributes in accordance with SWAMID's recommendations, see below.

Services whose primary purpose is for the benefit of research and education have access to approximately the same personal data which are automatically sent with an everyday email, that being name, email address, user identity, if the user is a student or employee (or similar active role) and that the user has an account at Dalarna University. Registered services that via GÉANT Data Protection Code of Conduct adhere to the European Union’s data protections directives, in Sweden the Personal Data Act, get access to the same information.

Services whose purpose is for students to process admissions, course registrations, examination sign-up, degree applications, internships, grant applications, self-service account administration and for employees self-service for HR system have access to the user’s Swedish personal identity number or Swedish higher education interim personal identity number for foreigners.

Service and support

Questions and faults regarding Högskolan Dalarna and it’s SAML2 WebSSO service: support@du.se

Last reviewed:
Last reviewed: