Jump to:
Table of Contents | ||||||||
---|---|---|---|---|---|---|---|---|
|
Getting Started
- Read me first: introducing-user-data
- Choosing the right user identifiers
- Handling data exchange in SAML
Streamline access with entity categories
Streamline user access with R&S
<future>REFEDS Authentication Only entity category</>
<future>REFEDS Anonymous Authorization entity category</>
<future>REFEDS Pseudonymous Authorization entity category</>
- R&S Explained in Plain English
References and additional reading
- eduPerson LDAP Object Class schema
- SAML v2.0 Subject Identifier Attributes Profile Version 1.0
- <future> Attributes vs "claims" (for the Microsoft / OIDC etc. camp)
- <future> Privacy considerations
- <future> Negotiating data release
- <future> Consent?
Attributes (supported?)
Popular User Attributes in InCommon
Person
identifiersIdentifiers
- SAML General Purpose Subject Identifier (subject-id)
- SAML Pairwise Subject Identifier (pairwise-id)
- eduPersonPrincipalName (eppn)
- eduPersonTargetedID (eptid) -deprecated-
- user-attr-epuid
Person
characteristicsCharacteristics and
contactsContacts
Authorization
support informationeduPersonOrgDNSupport Information
- user-attr-edupersonaffiliation
- user-attr-edupersonscopedaffiliation
- user-attr-edupersonentitlement
- memberOf
Identity Assurance Information
- user-attr-edupersonassuranceisMemberOf