Istituto Superiore per la


 Protezione e la Ricerca Ambientale




IDEM Federation Identity Management for federated access


Ispra joins the IDEM Federation (IDEntity Management for federated access), the Authorization and Authentication infrastructure of the GARR network, the Italian education and research network, which coordinates activities, providing the central infrastructure and services and managing the adhesions.

IDEM, the first Italian Federation of Authentication and Authorization (AAI) infrastructures, aims to allow users of the national scientific and academic community to easily access services and contents on the web made available by different organizations.

Membership of IDEM offers ISPRA users the advantage of using only institutional login credentials to access all available resources through the Federation.

Services accessible through the Federation are made available by IDEM members and partners .

For problems or information regarding the IDEM Federation send e-mail to: .



Notes on the release of user attributes for using IDEM-GARR-AAI federation authentication

Participation in the IDEM Federation foresees the release of some user attributes following an exnamination of the IdP


  Below is a list of the attributes treated by the Ispra IDP.
For each Service that will be accessed (SP) only the required attributes will be released among those listed:


    • surname: (Surname)
    • givenName: (Name)
    • commonName: (Name Surname)
    • displayName :(Name Surname)
    • preferredLanguage: (Lingua preferita)
    • title: (titolo es: Dr., Ing.)
    • email: (E-mail)
    • mobile: (Mobile)
    • telephoneNumber: (Telephone Number)
    • facsimileTelephoneNumber: (facsimile Telephone Number)
    • eduPersonOrgDN: (The user organization)
    • eduPersonOrgUnitDN: (The organizational unit of belonging to which the person is associated)
    • eduPersonScopedAffiliation: (Specifies your affiliation within a particular security domain in broad categories such as student, faculty, staff, alum, etc)
    • eduPersonTargetedID: (A persistent, non-reassigned, opaque identifier for a principal.)
    • eduPersonPrincipalName: (A scoped identifier for a person.)
    • eduPersonAffiliation: (Type of affiliation - faculty, student, staff, alum, member, affiliate)
    • eduPersonEntitlement: (A simple example would be a URL for a contract with a licensed resource provider)
    • schacHomeOrganization (The persons home organization using the domain of the organization.)
    • schacMotherTongue: (The language the person learns first, ie the person is a native speaker of the language.)
    • schacPersonalTitle: (The salutation or personal title of the person)
    • schacPersonalPosition: (Qualification held in the organization.)
    • schacUserPresenceID: (To store a set of values related to network presence protocols)