SP申请加入前（Before SP apply to join CARSI)

1. 服务提供会员申请条件（Service Provider application conditions）

1）SP申请单位须是资源的内容提供商，不是代理商，以确保通过CARSI联盟提供公共服务的资源和内容符合国家法律法规相关要求。

1）SP applicants must be content providers of resources, not agents, to ensure that the resources and content of public services provided through CARSI federation comply with Chinese laws and regulations.

2）学校推荐：两所IdP已上线CARSI会员学校作为推荐单位。

2）School recommendation:SP need to find 2 IdP universities as recommendation organizations.

3）确定至少一个面向CARSI用户提供服务的产品（支持web访问的应用资源或信息系统、移动APP等）。

3）Identify at least one product that serve CARSI users (SP resources or information systems that support web access, mobile apps, etc.).

4）采购合同：每个产品的五家高校正式采购合同，在执行期内且具有法律效力。

4）Purchase Contract: the official procurement contract of 5 universities for each product is within the execution period and has legal effect.

2. 应用资源统一访问网址要求（SP Resource access address (URL) requirements）

        CARSI支持web方式访问资源，应用资源需提供统一的访问地址URL，作为各校CARSI用户统一的资源访问入口，放在CARSI网站SP资源列表（https://www.carsi.edu.cn/SPlist.html ），可点击访问。为每个学校提供单独访问链接的应用资源请调整成统一入口后再申请加入CARSI。

CARSI supports web access to resources, and SP resources need to provide a access address URL, which can be used as a unified entrance for CARSI users and placed on the SP resource list of CARSI website（教育网联邦认证与资源共享基础设施CARSI-服务提供商（SP） ）. SP resources that provide separate access addresses for each university should be adjusted into a unified URL before joining CARSI.

3. 学校选择方式（School selection method）

        通过OAuth网关接入的应用资源须使用CARSI资源门户（https://ds.carsi.edu.cn）选择学校，暂不支持其他方式。

SP resources accessed through the OAuth must use the CARSI Resource Portal（https://ds.carsi.edu.cn）to select the university. Other methods aren’t supported.

4. 应用资源产品形态确认（Confirming the Product modality of SP resource）

        资源提供方需提前确定好计划加入CARSI产品的运行形态，如PC端、客户端、移动端（手机App、微信小程序、微信公众号、手机浏览器）等。技术调试时，需考虑支持CARSI访问的产品形态，并在CARSI用户访问流程文档中明确说明。

SP need to plan the Product Modality of joining CARSI products in advance, such as PC, client , and mobile terminal (App, wechat mini program, wechat public account, and mobile browser). When doing technology debugging,SP need to consider the product modality that supports CARSI access and clearly stated in the CARSI User Visit Guide.

5.CARSI可提供的用户身份信息（User Identity Information from CARSI）

        CARSI可向应用资源供以下用户信息：(CARSI provides the following user information to SP:)

1）用户所属大学域名，如pku.edu.cn。

1）The domain name of the user's university, such as pku.edu.cn .

2）用户唯一id：唯一代表用户，永久有效，可读性差，不是学工号，可用于用户追查。学工号是很重要的个人隐私信息，在学校内权限很大，不建议SP资源使用。北京大学CARSI项目组在指导学校部署IdP服务时，会提醒在本地安装数据库，保留pairwise-id或eptid和学工号的对应关系。

2）User unique id: only represent the user, permanent valid, poor readability, not student ID, can be used for user tracing. Student ID is a very important personal privacy information, the school has a large authority, it is not recommended to use. When guiding schools to deploy IdP services, PKU CARSI team will remind to install the database locally and retain the correspondence between pairwise-id or eptid and student ID.

3）用户身份：faculty（教师）、staff（员工）、student（学生）、alum（校友）、member（成员）、affiliate（附属人员）、employee（聘用人员）、other（其他），以上取值为标准取值，建议SP在授权用户时检查，以确保与学校已签署采购合同的服务范围一致。如公司有意重点发展教育行业客户，建议与北大CARSI团队老师沟通，为CARSI师生提供优于市场政策的专享服务内容或折扣。

3）User identity: faculty, staff, student, alum, member, affiliate, employee, and other. The above values are standard values. Suggesting SP check them when authorizing users. To ensure consistency with the scope of services for which the university has signed a purchase contract. If SP intends to focus on developing customers in higher education, it is recommended to provide exclusive service content or discounts for CARSI users that are superior to market policies.

4）其他用户信息可在用户第一次通过CARSI登录、访问应用系统时二次采集。

4）Other user information can be collected twice when the user logs in and accesses the application system through CARSI for the first time.