"Research and Scholarship" Entity Category FAQ

Where is the official Research and Scholarship definition?

The formal, approved definition of the REFEDS Research and Scholarship (R&S) Entity Category is published on the REFEDS website. (Note that the URI value of the REFEDS entity attribute resolves to the R&S specification.)

What type of resources do you consider "research and scholarship"?

The category definition says that: 

"Candidates for the Research and Scholarship (R&S) Category are Service Providers that are operated for the purpose of supporting research and scholarship interaction, collaboration or management, at least in part."

"Example Service Providers may include (but are not limited to) collaborative tools and services such as wikis, blogs, project and grant management tools that require some personal information about users to work effectively. This Entity Category should not be used for access to licensed content such as e-journals."

Broadly this means that R&S is intended for platforms and services used by researchers where some sort of collaboration, discussion or interaction is required, making the release of personally identifiable information necessary for the service to work properly.  Think about issues like:

As a federation, you should be satisfied that the release of personal data is an essential part of the operation of the service (and not purely to activate added features) and that the service in question, whether commercial or not, exists to support research and scholarship as a primary function.  

Things that should not be included in this category include:

What Attributes should be released as part of R&S?

The "attribute bundle" for R&S is defined in section 6 of the specification. The specification sets out a set of attributes that Identity Providers are encourage to release as follows:

Service Providers should only request attributes that the service actually uses, so for example if email address is not required by the service it should not be requested.  The specification does not explicitly prevent Providers from requesting attributes outside the R&S attribute bundle but the expectation is that they should not.  R&S works at its optimum for both Identity Providers and Service Providers when the bundle is treated as the maximum set of attributes requested.   Service Providers requiring more unique / bespoke attribute bundles should talk to the REFEDS community.

What exactly is meant by a "production SAML deployment?"

The following REFEDS R&S requirement:

4.3.1 The Service Provider is a production SAML deployment that supports SAML V2.0 HTTP-POST binding.

may be interpreted as the following pair of requirements:

The latter includes dev and/or staging instances of the overall Service Provider deployment.