Activating services for individual schools (pilot)
Previously, restricting access to individual organization unit / schools was only possible if the service had implemented its own solution to restrict access after Feide’s login. Since more service and host organization have wanted this functionality, we have developed a central functionality available for all services in the Feide customer portal.
We are now testing this new functionality before it is made available to all organization and services in Feide.
During the testing period it is only possible for host organizations to activate services for schools that are participating in the test. School owners that are part of the pilot can activate services for their individual schools.
A list of the host organizations that are part of the pilot will be published here shortly.
How to participate in the pilot
Contact us if you want to test this functionality before it goes into production by sending an email to email@example.com.
Host organizations need to check if the information in the school owner’s user directory matches the one in Brønnøysundregisteret. If the information does not match, users at those schools will not get access to services since the customer portal fetches information from Brønnøysundregisteret.
Problem with access to services activated for individual schools?
The customer portal fetches information from Brønnøysundregisteret. The organization numbers in the user directory for the host organization must match. If they don’t, users will not get access to services that are activated for individual schools.
For service providers:
If you are a service provider and get feedback from users from a specific school that they can’t access your service:
Check if the service is activated for that school
Check if the host organization is participating in the pilot for testing activation for individual schools
If the school has access to the service, then the problem may be:
The user may be registered at another school
The school may be registered with an organization number that doesn’t match the one in Brønnøysundregisteret.
To solve this problem the host organization needs to either change the information for the organization unit/school or the user in their user directory.
If this is not done, users don’t get the correct access to your and other services when they log in with Feide.
For host organization:
If you are a host organization and get feedback from users who can’t access a service that is activated for that individual school:
The user may be registered at another school
The school may be registered with a wrong organization number.
This must be updated in the host organization user directory, so their users get the correct access to services when they log in with Feide.
Checking user information:
Users can check which school they are registered at by logging in to innsyn.feide.no and checking their information. They can see which school they are registered with under the tab “Group affiliation”, filtering by group type “organization”. The IT department can check the information registered on the user in the school owner’s user directory
If the user is registered at the wrong school, this must be changed in the school owner’s user directory. The school owner needs to change the eduPersonOrgUnitDN. If the school is also the user’s primary school, the eduPersonPrimaryOrgUnitDN must also be changed.
If users doesn’t belong to any school, they don’t get access to services activated for individual schools, only services activated for the whole organization.
Checking if the organization number registered for the school is wrong
If the correct school is registered on the user, you need to check if the organization number in the school owner’s user directory matches the one in Brønnøysundregisteret.
How to check which organization numbers are registered in the host organizations user directory
To check which organization numbers are registered in the user directory, run the LDAP validator.
You can also find schools with wrong organization numbers by looking at the Statistics tab in the customer portal. The list of schools is fetched from the Brønnøysundregisteret, so if a school is shown with an organization number instead of the school’s name in the statistic list, the organization number in the user directory doesn’t match.
If the organization number is wrong, the correct number must be entered into the school owner’s user directory so it matches.
Before changing the number, we recommend contacting service providers that have services fetching the organization number to update this in their systems if needed. You can see which services are fetching the organization number on “View user attributes in services” under the “Utility” tab in the Feide customer portal.