Collaboration Platform Service Details
SAML EntityID: https://login.at.internet2.edu/Saml2/proxy_saml2_backend.xml
Friendly Name | SAML Attribute Name | Required? |
---|---|---|
eduPersonPrincipalName (ePPN) | urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | Yes |
urn:oid:0.9.2342.19200300.100.1.3 | Yes | |
displayName | urn:oid:2.16.840.1.113730.3.1.241 | Yes* |
givenName | urn:oid:2.5.4.42 | Yes* |
sn (surname) | urn:oid:2.5.4.4 | Yes* |
affiliation (scoped) | urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | No |
NOTE: This service requires signed responses and will reject assertions where only the assertion itself is signed. This is to help mitigate against signature wrapping attacks and is in compliance with the "SAML V2.0 Implementation Profile for Federation Interoperability" standard published here (specification IIP-SP13).
* Some form of name must be sent. The displayName attribute will be used if it is sent. Otherwise, givenName and sn must be sent and will be concatenated to form the 'Name'.
See What You are Releasing
If you'd like to see the attributes the Collaboration Platform is receiving from your Identity Provider, use this page to choose your identity provider and you will be directed to a page showing that information.
Research & Scholarship
This service uses Research & Scholarship entity category.
We encourage you to take this opportunity to support the Research & Scholarship (R&S) entity category. When you support R&S, you release the attribute bundle to the entire category of Service Providers (which are vetted by InCommon or one of our sister federations that are part of eduGAIN - you can see a list here).
The R&S attribute bundle includes the following required data elements.
- shared user identifier
- person name
- email address
and one optional data element:
- affiliation
For more information, see item #5 on the R&S entity category description.
There is a wiki page that provides detailed information and instructions on how to configure your IdP to release the R&S attributes to all R&S Service Providers.