Versions Compared

Old Version 32

changes.mady.by.user Albert Wu (internet2.edu)

Saved on

compared with

New Version 33

changes.mady.by.user Albert Wu (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space federationedit and version 2.9

Jump to: 

Table of Contents
maxLevel1
exclude(On this page)|(In this section)|(Related content)|(Get help)
typeflat
separatorpipe

Overview

eduPersonScopedAffiliation defines a set of controlled vocabulary specifying a person's relationship(s) to the institution in broad categories such as student, faculty, staff, alum, etc. eduPersonScopedAffiliation is defined in the eduPerson LDAP object class. 

This identifier is scoped and of the form affiliation@scope:

  • The left component (affiliation) is one of the values from the eduPersonAffiliation controlled vocabulary. Within the same assertion, the values asserted in eduPersonAffiliation should match those asserted in eduPersonScopedAffiliation.

  • The scope portion MUST be the administrative domain of the identity system where the identifier was created and assigned. The scope portion MAY contain any Unicode character. The length of the scope portion MUST be less than or equal to 256 characters. Note that the use of characters outside the seven-bit ASCII set or extremely long values in the scope portion may cause issues with interoperability. 

See also: Scope in InCommon metadata

Permissible values

See controlled vocabulary for user-attr-edupersonaffiliation.


OID1.3.6.1.4.1.5923.1.1.1.9
LDAP Syntax

Directory String

# of Valuesmulti-valued
ReferenceseduPerson

SAML Response Example

Code Block
languagexml
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"         
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
                ID="..." Version="2.0" IssueInstant="2020-07-17T01:01:48Z" 
                Destination="...." InResponseTo="...">
 ...
 <saml:Assertion ...>
  ...
   <saml:AttributeStatement>
    <saml:Attribute xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
                    NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                    Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" 
                    FriendlyName="eduPersonScopedAffiliation"
                    x500:Encoding="LDAP">
      <saml:AttributeValue xsi:type="xsd:string">member@example.edu</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">faculty@example.edu</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">employee@example.edu</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">alum@example.edu</saml:AttributeValue>
   </saml:Attribute>
   ...
   </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>


See Also



Working with user data

Content by Label
showLabelsfalse
max10
showSpacefalse
cqllabel = "inc-user-attribute" and space = currentSpace()

Related content

Content by Label
showLabelsfalse
max100
showSpacefalse
sorttitle
cqllabel = "inc-user-data-primer" and space = currentSpace()

Get help

Can't find what you are looking for?

Button Hyperlink
iconhelp
titleAsk the community
typeprimary
urlask-the-community