Attribute groups

What information the service can receive about the end user is defined in the attribute groups that the service provider sets for the service in the customer portal (

The attribute groups contain a set of attributes about the user and the organization sent from the host organization’s directory. The availability of the information depends on whether it is registered about the user in the host organization’s directory. Read about attributes and their availability in Feide documentation.

Before selecting attribute groups think about what information the service needs to know about the user and organization. Avoid requesting access to more information than the service needs to work. Some services only need to log in to ensure that there is a person associated with the education sector, while others need more to personalize the service for the user. If you find out later that the service needs more information about the user, you can add more attribute groups.

Under is an overview of which attributes each attribute group contains.

Personal information

Below are attribute groups with personal information about the user like name, user identifier, mail, mobile and preferred language.

Name (userinfo-name)

Attribute name


Given name




Legal name


Display name


Common name

User identifiers at organization (userid-feide)

Attribute name


Person’s previous Feide IDs at the organization


Person’s Feide IDs organization


User name


Service specific identifier

Only available with SAML configuration

Mail (email)

Attribute name



Mobile (userinfo-mobile)

Attribute name



Preferred language (userinfo-language)

Attribute name


Preferred language

Identity number (userid-nin)

The information in this attribute group is by the general public and Feide considered as semi-sensitive information. This attribute group is only released where actual need is demonstrated.

Therefore, it can only can be added to a service by Uninett. Send an email to and explain why the service requires this attribute group, and why it is not enough with another user identifier available through Feide.

Attribute name


Identity number assigned by public authorities

Identity assurance (userinfo-assurance)

Attribute name


Identity assurance

Roles, affiliations and groups

Below are attribute groups with information about the user’s roles, affiliations and groups in their organization.

Organizational affiliations (groups-org)

Information about the home organization, organization unit (school/department) and the person’s roles in the organization.

Attribute name


Affiliation at home organization


Primary affiliation at home organization


Affiliation and institution at home organization


Unique identifier of home organization


List of schools


Name of organization units


Email address of organizational unit


Organization number


Realm of home organization


Name of home organization


Legal name of home organization


Organization email address


Distinguished name of organization unit


Distinguished name of primary organization unit


Postal address of educational unit


Telephone number of organizational unit


Acronym for the organizational unit


Common name of home organization

EduPersonOrgDN used in universities and university colleges and EduPersonOrgDN in primary and secondary schools.

Distinguished name of home organization

eduPersonOrgDN:norEduOrgUniqueIdentifier used in universities and university colleges and eduPersonOrgDN:norEduOrgUniqueIdentifier in primary and secondary schools.

Unique identifier of home organization


Telephone number of home organization


Home page of home organization


Acronym for the educational institution


Version of norEdu specification of home organization

Education groups (groups-edu)

For primary, lower and upper secondary schools, this provides access to grade, basis groups, teaching groups and other groups registered in the attribute eduPersonEntitlement.

For users in higher education, this gives access to groups from the Common Student System (Felles studentsystem).

Groups in eduPersonEntitlement

For users in primary, lower and upper secondary schools, group data is registered in the eduPersonEntitlement attribute.

These are eduPersonEntitlement values starting with and

The values starting with describe the grade, education program and program area of the student. For primary and lower secondary school this contains the grade level. For upper secondary school, this contains grade level, education program and program area.

More information about GREP values in Feide can be found here.

The eduPersonEntitlement values starting with contain the basis groups, teaching groups and other groups for both students and teachers in primary, lower and upper secondary schools.

Example of Group:

More information about registration of group values in Feide can be found here.

Group entitlements from Common Student System (FS)

This is only available to services that integrate with Feide using the OpenID Connect protocol.

FS is the Common Student System (Felles studentsystem). It is a study administration system developed for universities, scientific colleges and national university colleges. FS is developed by Unit – The Norwegian Directorate for ICT and Joint Services in Higher Education and Research.

Feide has an agreement with Unit for obtaining the following group information for users in higher education: subjects, classes, years and programs.

To get this access to this group data, Uninett must enable it for your service. Send a request to with name of the service and why the service needs information about groups from FS.

Group members’ identifiers (groups-memberids)

Identifiers of other members of the user’s groups

This allows the service to retrieve information about teachers and students in a group, without each student having logged in beforehand.

This is only available with OIDC-configuration

To get this information in the attribute group, Uninett need to add this to the service. Send a request to containing the name of the service and why the service needs information about groups.

More information about receiving this information, read about the group API.

Custom prefix (userinfo-entitlement)

Custom prefixes for the eduPersonEntitlement attribute.

Not commonly used attributes

Other groups (groups-other)

Ad hoc groups from

Date of birth (userinfo-birthdate)

Attribute name


Date of birth


Year of birth

Title (userinfo-title)

Attribute name


Title in the organization

Other phone number (userinfo-phone)

Attribute name


Telephone number


Home telephone number

Local identity number (userid-lin)

Attribute name


Local identity number, i.e. student or employee number

ORCID researcher identifier (userid-orcid)

Attribute name


ORCID researcher identifier