- Created by Albert Wu (internet2.edu), last modified on Feb 09, 2021
Jump to:
Overview
cn
is a user attribute defined in RFC4519→ (Lightweight Directory Access Protocol (LDAP): Schema for User Applications). From RFC4519: "The cn (commonName in X.500) attribute type contains names of an object. Each name is one value of this multi-valued attribute. If the object corresponds to a person, it is typically the person's full name."
Use in the InCommon Federation
cn
is commonly used to transmit a person's full name. As it is a multi-valued attribute, some IdPs may send multiple permutations of the person's name in the cn
attribute.
SAML Response Example
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="...." Version="2.0" IssueInstant="2020-07-17T01:01:48Z" Destination="...." InResponseTo="...."> ... <saml:Assertion ...> ... <saml:AttributeStatement> <saml:Attribute xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.3" FriendlyName="cn" x500:Encoding="LDAP"> <saml:AttributeValue xsi:type="xs:string">Mary Jane Chang</saml:AttributeValue> <saml:AttributeValue xsi:type="xs:string">Chang, Mary Jane</saml:AttributeValue> </saml:Attribute> ... </saml:AttributeStatement> </saml:Assertion> </samlp:Response>
See Also
Working with user data
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
Related content
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
Get help
Can't find what you are looking for?