You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Policy for NROs

Policy for eduroam IdPs

eduroam IdP administrators are bound by the requirements as set forth in the eduroam Service Definition. The specific service eduroam Managed IdP needs additional Terms and Conditions on top of that baseline.

These terms and conditions are displayed and need to be acknowledged by the eduroam IdP administrator before he can actually start using the system (pop-up with sign-off requirement).

The development team proposes the following Terms and Conditions:


As an eduroam IdP administrator using this system, you are authorized to create user accounts according to your local institution policy. You are fully responsible for the accounts you issue. In particular, you

  • only issue accounts to members of your institution, as defined by your local policy.
  • must make sure that all accounts that you issue can be linked by you to actual human end users of eduroam
  • have to immediately revoke accounts of users when they leave or otherwise stop being a member of your institution
  • will act upon notifications about possible network abuse by your users and will appropriately sanction them

Failure to comply with these requirements may lead to the deletion of your IdP (and all the users you create inside) in this system.

With this product, eduroam Operations is not interested in and strives not to collect any personally identifiable information about the end users you create. To that end,

  • the usernames you create in the system are not expected to be human-readable identifiers of actual humans. We encourage you to create usernames like 'hr-user-12' rather than 'Jane Doe, Human Resources Department'. You are the only one who needs to be able to make a link to the human behind the identifiers you create.
  • the identifiers in the eduroam access credentials are not linked to the usernames you add to the system; they are pseudonyms.
  • each access credential carries a different pseudonym, even if it pertains to the same username.

Policy for end users

eduroam end users are being presented a lightweight Acceptable Use Policy by the time they visit the download page.

Actually downloading the installer in question is deemed acceptance of those terms.

The development team suggests the following AUPs:


You can now download a personalised eduroam® installation program.The installation program is strictly personal, to be used only on this device (device identifier, such as "Linux"), and it is not permitted to share this information with anyone.

When the system detects abuse such as sharing login data with others, all access rights for you will be revoked and you may be sanctioned by your local eduroam® administrator.

  • No labels