Background

Identity APIs are generally used to convey attributes between systems. There is no shortage of interface-specific ways to specify attributes, this proliferation creates complexity in attribute mapping and implementations.

Scope

  1. Define an "abstract" (ie: not bound to any particular representation) dictionary of attributes for use in TAP APIs.
    1. Inclusive of attributes used between Systems of Record, Identity System components, and Provisioning Targets.
    2. Support local extensions, probably via some form of namespacing (prefixes, etc).
  2. Define a generic JSON representation of the abstract dictionary.
  3. Optionally map the dictionary to existing interfaces, including eduPerson, voPerson, and SCIM.
  4. Work with the Trust and Identity Document Steward and/or the REFEDs Schema Editorial Board to identify a proper home for this work.

Working Documents

  1. Core Schema Approach Considerations

Existing Work

  1. Original SOR-Registry Core Schema Specification and subsequent Core Attribute Specification derivative.
  2. TIER/TAP Minimal Registry Person Core Schema
  3. eduPerson 2020-01 and Markdown representation
  4. voPerson v1.1.0
  5. SCIM Core Schema (RFC 7643)
  6. schema.org Person attributes
  7. OIDC Standard Claim attributes
  8. IMS Enterprise Services Common Data Definitions
  • No labels

2 Comments

  1. Keith Hazelton (internet2.edu)

    NOTE: For expediency's sake, as step one, define a JSON Schema specification for the Core Schema; THEN, as resources permit, derive an abstract schema dictionary from the JSON schema. The JSON Schema spec will in turn help speed the process of drafting OpenAPI 3.0 specifications.

  2. Keith Hazelton (internet2.edu)

    NOTE: Work item: Align Core Attribute Specification with the T&I Minimal Registry Person Schema (JSON Schema representation)