4. Glossary#

JSON Web Token (JWT)#

A JWT is standardized way to securely transmit information between parties in a compact and self-contained manner. For the specification, see RFC 7519.

Application Programming Interface (API)#

Is a set of functions and procedures that allow users to access features and data from the corresponding system.

Swagger User Interface (Swagger UI)#

Allows visual interaction with the API’s resources without the need for an external implementation. You find the URLs to the respective Swagger UI in the appropriate sections.

Identity Provider (IDP)#

Instance that provides information to authenticate and authorize identities. In case of ID Broker scenarios this is typically a SAML or OpenID Connect IDP hosted by a School Authority.

School Authority#

In context of this document, the term school authority subsumes various institutions which serve one or several schools with IT infrastructure. The school authority is the data source for all students and teachers of an environment. The ID Broker will receive a minimal subset of this data, see ID Broker sequence: authentication and user data retrieval sequence. This can be a single school, a school authority with several schools, or an environment hosting services for a federal state. The environments are hosting a UCS@school domain.


In the context of this document a service is an application, which uses single sign-on with the ID Broker and provides a service for students and teachers. For example a learning platform, that offers books.

Service Provider (SP)#

Instance that provides a service.