MPASSid's data model version 1.3 is in use from August 2, 2022
On this page you will find two tables:
- The MPASSid data model 1.3
- A list of attributes sourced by the education provider
The purpose of the data model
The purpose of the publicly available data model table is to provide a clear model of the data brokered through MPASSid from an education provider's registry to the learning service providers. The data model is managed by the Finnish National Agency for Education.
Attributes sourced to MPASSid by the education provider
As a member of the MPASSid trust network, each education provider functions as the registrar and manager of their end users' personal data brokered through MPASSid.
Attributes brokered by MPASSid from EDUFI's organisation service
The information of each education provider in Finland is stored in EDUFI's organisation service. When a user logs in through MPASSid, the appropriate data for the user's education provider is retrieved from the organisation service based on the institution's school code (ascribed by Statistics Finland; see School code in the data model).
Read more about EDUFI's organisation service in Finnish
Explanations for the columns in the data model table
- Version:
- v1.0
- v1.1 in use from September 1, 2020
- v1.2 in use from January 4, 2022
- v1.3 in use from August 2, 2022
- Data: the name of the data field
- Example: an example of data applicable in the field
- Attribute name: the name of the attribute in the SAML and OIDC protocols
- Multivalue: An attribute a single person may have one or more of. For example, one person may have two school attributes, which is fairly typical case with a teacher affiliated with several schools.
- Attributes marked with "X" are multivalued
- An empty field indicates a single-valued attribute, of which a person may have only one. For example, one person may have only one surname attribute.
- See rules of the multivalue attributes (available in Finnish) Moniarvoisten attribuuttien säännöt
- Explanation: a more detailed description for the attribute
- Source: description of the source of the data field, whether the attribute is sourced directly from the education provider's registry or if it's formulated by MPASSid based on the information relayed from the education provider
- Education provider
- MPASSid
Data model 1.3
| Version | Data | Example | Attribute names (SAML ja OIDC) | Multivalue | Explanation | Source |
| 1.0 | Family name | Smith | urn:oid:2.5.4.4 (SAML) family_name (OIDC) | The last/family name of the user. | Education provider | |
| 1.0 | First name | Jane | urn:oid:2.5.4.42 (SAML) given_name (OIDC) | The first/given name of the user. | Education provider | |
1.0 | User ID | MPASSOID.c6329e82913e265b3a79c11a043fdab8b06b1a9e | The unique identifier of the authenticated user. Currently recommended identifier for identifying the user. NOTE: will change if the user moves to another user registry. | Education provider | ||
| 1.0 | School code given by Statistics Finland | 00000 | urn:mpass.id:schoolCode | X | The school code of the authenticated user. See official school codes by Statistics Finland: https://www.stat.fi/tup/oppilaitosrekisteri/index_en.html See official school codes of the Statistics Finland published by EDUFI: https://koski.opintopolku.fi/koski/dokumentaatio/koodisto/oppilaitosnumero/latest | Education provider |
| 1.0 | Name of educational institution | Tuntematon | urn:mpass.id:school | X | The human-readable name of the school of the authenticated user. School name is retrieved based on a value of urn:mpass.id:schoolCode. If no name is found this attribute can be empty. | MPASSid |
1.2. | School code with school name | 00000;Tuntematon | urn:mpass.id:schoolInfo | X | Combination of the school code and official name of the educational institution separated with semicolon. | MPASSid |
| 1.0 | Teaching group | 8A or 3B. | urn:mpass.id:class | The class/group information of the authenticated user. | Education provider | |
| 1.0 | Grade | 8 or 3 | urn:mpass.id:classLevel | The class/level information of the authenticated user. | Education provider | |
| 1.3 New! | Learning materials charge | 0;00000 1;00000 | urn:mpass.id:learningMaterialsCharge | X | Information on whether a an upper secondary level student is entitled to free learning materials (in accordance with the extension of compulsory education in 2021) or whether they are liable to be charged for them. The learning materials charge attribute consists of two parts, separated with a semicolon (;). The first part is a code value for whether or not the materials are liable to a charge, and the second part is the education provider's school code from Statistics Finland. The code values for the charge liability are as follows:
This attribute is only formed by MPASSid if the user in question has the "student" role. Read more about the pilot programme and implementation of the Learning materials charge attribute from our annual development plan (in Finnish): Oppimateriaalien maksullisuus - käyttöönotto | MPASSid |
1.2 Transition period until 31.12.2022 | Role v.1.1 | Example student: Helsinki;32132;9A;Oppilas Example teacher: Helsinki;99901;;Opettaja Note: the group attribute is not mandatory for teachers. | urn:mpass.id:role_v1.1 | X | The role of the user. See accepted role values (in Finnish): Sallitut roolit The role consists of four parts, divided with a semicolon (;). First education provider's name, followed by school code, group and the user's role in the group. | MPASSid |
1.2 | Role | 1.2.246.562.10.494695390410;32132;9A;Oppilas | urn:mpass.id:role | X | Note: the content of the role attribute was changed in data model 1.2!
The role of the user. See accepted values (only in Finnish) Sallitut roolit The role consists of four parts, divided with a semicolon (;) character. First education provider-OID, followed by school code, group and the user's role in the group. | MPASSid |
| 1.1 | National learner ID
| 1.2.246.562.24.10000000008 | urn:oid:1.3.6.1.4.1.16161.1.1.27 | The national learner id is a permanent 11-digit identifier to identify the learner i.e. the pupil or student. EDUFI is tasked with managing the registry of national learner IDs as well as generating new ones for the needs of education providers. Read more about the national reader ID (in Finnish): Mikä on oppijanumero? The identifier is presented as an OID on branch 1.2.246.562.24. The eleventh digit of the identifier is a IBM-1-3-7 checksum of the first ten digits. | Education provider | |
| 1.1 | Education provider ID given by EDUFI | 1.2.246.562.10.494695390410 | urn:mpass.id:educationProviderId | X | The education provider id is a permanent identifier to identify the education provider i.e. the organization providing education. The identifier is presented as an OID on branch 1.2.246.562.10. The majority of primary and secondary education providers are municipalities in Finland. | MPASSid |
| 1.1 | Education provider name | Virallinen nimi | urn:mpass.id:educationProvider | X | The education provider is the human-readable name of the education provider. | MPASSid |
| 1.2 | Education provider ID with education provider name | 1.2.246.562.10.494695390410;Virallinen nimi | urn:mpass.id:educationProviderInfo | X | Combination of the education provider's organisation-OID and official name. Separated by semicolon. | MPASSid |
Attributes sourced by the education provider
Data | Example | Multivalue | Explanation | General tips and checking the correctness of the value |
Family name | Smith | The last/family name of the user. | ||
First name | Jane | The first/given name of the user. | ||
User ID | Identifiers vary by user index | The unique identifier of the authenticated user. | If a user does not have a unique User ID, MPASSid will not broker any of the user's attributes to the service provider. | |
School code | 00000 | X | The school code of the authenticated user as ascribed by Statistics Finland. | If this attribute is missing or broken, MPASSid will not broker the following attributes to the service provider for the affected user:
The education provider's School code must be listed as active in EDUFI's organisation service |
Teaching group | 8A or 3B. | X | The class/group information of the authenticated user. | |
Grade | 0 - 10 | The class/level information of the authenticated user. | This must always be a whole number. | |
| Role | One of the allowed roles | X | See allowed role values (in Finnish): Sallitut roolit | If this attribute is missing or broken, MPASSid will not broker the following attributes to the service provider for the affected user:
|
National learner ID | 1.2.246.562.24.10000000008 | The user's national learner generated by EDUFI. Read more about the national reader ID (in Finnish): Mikä on oppijanumero? | ||
| Learning materials charge | 0 or 1 | X | The code values for the charge liability accepted by MPASSid are as follows:
| If this attribute has any other value than 0 or 1, MPASSid will not broker the Learning materials charge attribute to the service provider for the affected user. |