7. Glossary

Identity Provider (IDP)

Instance that provides information to authenticate and authorize identities. In ID Broker scenarios, this is typically a SAML or OpenID Connect IDP hosted by a school authority.

Provisioning API

REST API of the ID Broker. School authorities use the API to send pseudonyms and a limited set of meta information on users and groups to the ID Broker.

School Authority

In the context of this document, the term school authority covers various institutions that provide IT infrastructure to one or several schools. This can be a single school, a school authority with several schools, or an environment hosting services for a federal state. The environments host a UCS@school domain. The school authority is the data source for all students and teachers of an environment. The ID Broker receives a minimal subset of this data, see Big Picture of Univention ID Broker.

Service

In the context of this document, a service is an application that uses single sign-on with the ID Broker and provides a service for students and teachers, for example a learning platform that offers books.

Service Provider (SP)

Instance that provides a service.

Self-disclosure API

REST API of the ID Broker which allows retrieval of meta information of an authorized user. It focuses on the role of the user and the assigned learning groups.

UCS@school ID Connector

The ID Connector connects a UCS@school directory to any number of other UCS@school directories in a 1:n relation. In the context of the ID Broker, the ID Connector is used to synchronize identities to the ID Broker.