10. Appendix 3 - Registration of group information within eduPersonEntitlement#

Services are facing an increasing demand for information about users basis-groups/classes, educational groups and other groups. Based on this, students and teachers group information shall be registered. In Feide eduPersonEntitlement is the chosen field for group information.

The person’s information about groups is constructed in such a way that it is connected to each school the person is affiliated to.

10.1. Everyone that is connected to the group shall have the information registered#

All persons connected to a group shall have the information registered on their person object. This will usually be students and teachers, but might also be other persons that have a format connection to the day to day work performed within the group.

Group information shall contain the groups a person affiliates to. It is not expected that information about historical groups is kept.

10.2. Group types#

It is defined three group types which can be expressed as:

  • Basis-group/class

  • Educational group - for course/fields within the Grep code collection

  • Other groups - project groups, educational groups outside Grep and more.

Basis-group/class and educational groups are mandatory to register for a person affiliated to some of these, while other groupings may be registered.

10.3. Information elements about group and the person’s relation to the group#

Each group affiliation that is registered for a person contains 8 information elements:

Information element Description
Group type Shows which type of group this is. Valid values are 'b', 'u' and 'a' for respectively basis-groups/class, educational group and other group.
Grep-code For educational groups, it will be the code to the field that the educational group belongs to in the Grep code collection. For basis-groups and other groups it shall be an empty value
Organization number/
business number
Organization number/business number to the school/school-owner the group belongs to. For most groups it will be connected to the school, but there might be groups that are directly connected to the school-owner
Local group-ID An identifier of the group where name standards are defined by school/school-owner. Shall be unique within the group that the school/school-owner belongs to.
Start time The first day the group is active/valid. ISO 8601 extended format for date, YYYY-MM-DD.
End time The last day the group is active/valid. ISO 8601 extended format for date, YYYY-MM-DD.
Role The person's role within the group. Valid values are the same as for eduPersonAffiliation. A person shall only inhibit one entry for role within the group, for instance faculty, and not the whole hierarchy as seen in eduPersonAffiliation.
group name
The group's human readable name that will be presented in the services.

Grep codes, roles and descriptive name are registered for group affiliation, but not for group identifiers. These three fields can change, even though identifying the same group.

10.4. Formatting of group information#

Each group affiliations are registered as its own line within eduPersonEntitlement.

The line shall start with the prefix urn:mace:feide.no:go:group: followed by each information element in the same order as in the table above. Each information element is separated from each other with a colon, :.

To be able to transfer values from one system to another, RFC 8141 and RFC 3986 defines which values that are valid, which values are used directly and which ones that have to be percent-encoded. URNs are limited to ASCII so most special characters and norwegian characters must be percent-encoded in the transfer. One will use UTF-8 translation first and then used US-ASCII (RFC 8141 2. Syntax). This is performed by translating these characters to %<hex><hex>. For instance the norwegian character ‘å’ will be translated from UTF-8 into two octets, which will then be encoded and become %C3%A5.

<Space> is a special case. Many functions for percent-coding codes this into + which deviates with RFC 3986. The correct case for URNs are %20. Host organizations should make sure that this is correct, while service providers should take into account both formatting’s of <space>.

For group information, : will be used as separator between information elements. If this character is used inside information elements, for instance in the descriptive name or the local group-ID, this has to be encoded as %3A.

10.5. Case-sensitivity#

Information elements for group information shall be treated case-insensitive, see RFC 8141 opening for functional comparison of the values

10.6. Examples for group information in eduPersonEntitlement#

10.6.1. Student in basis-group/class 6A at Berg school (Trondheim kommune)#

Group type: b
Grep-code: <empty value>
Organization number: NO975278964
Local group-ID: 6A
Role: Student – ’student’ in Feide.
Start time: 1. aug 2014
End time: 15. jun 2015
Descriptive name: Klasse 6A


10.6.2. Teacher in educational group 2kja at Tiller VGS#

Group type: u
Grep-code: REA3012
Organization number: NO974558386
Local group-ID: 2kja – Lower case is used in this example, but the value is case-insensitive.
Role: Teacher – ’faculty’ in Feide
Start time: 1. aug 2014
End time: 15. jun 2015
Descriptive name: Kjemi 2A


10.6.3. Student in educational group Norsk VG3 at Tiller VGS#

Group type: u
Grep-code: NOR1211
Organization number: NO974558386
Local group-ID: 3aaa/3nh
Role: Student
Start time: 1. aug 2014
End time: 15. jun 2015
Descriptive name: Norsk hovedmål VG3


10.6.4. Student in lab-group 3 Fysikk VG3 at Tiller VGS#

Group type: a – andre grupper
Grep-code: <tom verdi>
Organization number: NO974558386
Local group-ID: 3fysa/lb3
Role: Student
Start time: 1. aug 2014
End time: 31. des 2014
Descriptive name: Labgruppe 3 Fysikk VG3