SWAMID has two defined levels of assurance, SWAMID AL1 (http://www.swamid.se/policy/assurance/al1) and SWAMID AL2 (http://www.swamid.se/policy/assurance/al2).

All by SWAMID approved assurance levels for an Identity Provider are defined in the SAML metadata as a SAML extended attribute urn:oasis:names:tc:SAML:attribute:assurance-certification. The Identity Provider uses the attribute eduPersonAssurance to assert the logged in user's assurance profle. Please observe that the Identity Provider must not indicate any other assurance profile than it's approved for.

• An Identity Provider that has an assurance certfication i metadata for SWAMID AL2 (http://www.swamid.se/policy/assurance/al2) is allowed to assert that a user is approved for SWAMID AL2 or SWAMID AL1.
• An Identity Provider that has an assurance certfication i metadata for SWAMID AL1 (http://www.swamid.se/policy/assurance/al1) is allowed to assert that a user is approved for SWAMID AL1.
• An Identity Provider that has noassurance certfication i metadata is not allowed to assert that a user are approved for a SWAMID assurance profile.