Entity categories

During the completion of the EdTech agreement, an Entity Category for Single Sign On is defined. The application obtains the following attributes through the SSO-Token based on the Entity Category:

Attribute	Obsolete	Full	Extended	Standard	Sparse	Note
VERSION		x	x	x	x	Version of the token specification
SECCLASS		x	x	x	x	Security class of the logged-in user
EID-ISSUING-NATION		x	x	x	x	Specifically for ID Austria: State that issued the electronic identification medium
EID-SECTOR-FOR-IDENTIFIER		x	x	x	x	Specifically for ID Austria: Limitation of scope
EID-IDA-LEVEL		x	x	x	x	Citizen's authentication level during eID registration
EID-SIGNER-CERTIFICATE		x	x	x	x	ID Austria: Base64-encoded certificate used during registratio
PRINCIPAL-NAME		x	x	x		User's Last Name
GIVEN-NAME		x	x	x		User's First Name
BPK		x	x	x	x	bPK-BF including scope specification
USERID		x	x	x		Username from the main portal where the user is currently logged in
GID		x	x	x	x	Unique global identifier (= bPK-BF)
MAIL		x	x	x		E-mail address from the main portal where the user is currently logged in
SAPNR		x	x	x		SAP personal number from the main portal where the current user is logged in
STUDENTIDS	x	x				Sokrates IDs for students from the Sokrates/Federal administration school management
O		x	x	x		School number of the main school (during registration via agency portal)
AFFILIATION		x	x	x		List of all roles of the logged-in person at all schools
APPPERMISSION		x	x	x	x	List of roles at different schools from the viewpoint of the called application
USERGROUPS		x	x	x		Class affiliations for teachers and students per school and role
IDP		x	x	x	x	Full hostname of the original login portal
PUPILS		x	x			List of students assigned to a parent (as a guardian) according to the school administration
LEGALGUARDIANS		x	x			List of bPK:BF of assigned guardians
BIRTHDATE		x				ID Austria specifically: Birthdate from the ID Austria registration