7. Glossary#
- Identity Provider (IDP)#
Instance that provides information to authenticate and authorize identities. In case of ID Broker scenarios this is typically a SAML or OpenID Connect IDP hosted by a School Authority.
- Provisioning API#
REST API of the ID Broker. School authorities use the API to send pseudonyms and a limited set of meta information on users and groups to the ID Broker.
- School Authority#
In context of this document, the term school authority subsumes various institutions which serve one or several schools with IT infrastructure. The school authority is the data source for all students and teachers of an environment. The ID Broker will receive a minimal subset of this data, see Big Picture of Univention ID Broker. This can be a single school, a school authority with several schools, or an environment hosting services for a federal state. The environments are hosting a UCS@school domain.
- Service#
In the context of this document a service is an application, which uses single sign-on with the ID Broker and provides a service for students and teachers. For example a learning platform, that offers books.
- Service Provider (SP)#
Instance that provides a service.
- Self-disclosure API#
REST API of the ID Broker which allows retrieval of meta information of an authorized user. It focuses on the role of the user and the assigned learning groups.