What is the EWP Admin role?
The EWP Admin role (Erasmus Without Paper Administrator role) has been defined to enable authorised representatives of Higher Education Institutions (HEIs) participating in Erasmus+ activities to login in a federated manner to EWP tools to manage their EWP information and settings. 
The EWP Admin is encoded as an eduPersonEntitlementa SAML2 attribute named eduPersonEntitlement (urn:oid:1.3.6.1.4.1.5923.1.1.1.7), assigned by the HEI participating in the Erasmus+ to the staff members that need to access the EWP network management tools (such as EWP Registration Portal, etc.).
The EWP Admin role is transported via eduGAIN, upon successful authentication of the entitled staff.
EWP Admin Role Specification
For HEIs/Identity Providers
HEIs supporting the EWP Admin role should shall release this information for the appropriate staff members in the SAML2 Assertions issued by their Identity Provider to MyAcademicID as an eduPersonEntitlement attribute with the following value:
...
For more information about the full list of attributes expected from Identity Providers, read Attributes required from Higher Education Institutions
For EWP Service Providers
- EWP Services which use SAML2 to connect to MyAcademicID will receive the information as an eduPersonEntitlementattribute.
- EWP Services which use the OpenID Connect to connect to MyAcademicID will receive the information as an entitlement claim.
| Code Block | 
|---|
| urn:geant:myacademicid.org:<sHO>:ewp:admin | 
<sHO> is the Higher Education Institution's schacHomeOrganization value.
...
