Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Note

This document is based on an early draft by Benn Oshrin (internet2.edu)

There are no required attributes from the perspective of the Core Schema. It is up to a given protocol or implementation to determine what attributes are required, and how such status is conveyed between participants.

...

Code Block
{
  "identifiers":[
    {
      "type":"enterprise",
      "value":"E12345678",
    },
    {
      "type":"network",
      "value":"jqs123"
    }
  ]
}

Attribute

...

Attribute Release Policies are encoded in metadata, as described below. The following policies are defined:

  • public: The attribute and value may be used without restriction.
  • internal: The attribute and value are to be used for official institutional purposes only, and may not be redistributed without permission.
  • private: The attribute and value may not be used for any purpose without permission.

Attribute Data Types

  • binary
  • boolean
  • country: ISO 3166-1 two letter country code
  • date: YYYY-MM-DD format (ISO 8601)
  • dateTerm: A datestamp used to indicate intervals such as a semester, trimester, or quarter. The general format is YYYY-L#, where L is one of H (half year), T (third), or Q (quarter), and # is the sequential number. eg: 2015-H2 designates the second semester of the 2015 academic year (and so might physically be in the year 2016).
  • dateTime: YYYY-MM-DDTHH:MM:SSZ format (ISO 8601)
  • integer
  • locale: LL_CC format (ISO 639-1 two letter language code, an underscore, ISO 3166-1 two letter country code)
  • region: ISO 3166-2 subdivision code, not including country prefix (eg: BC not CA-BC)
  • string: Strings are case-preserving but not case-sensitive
  • extensibleVocabulary: The Core Schema vocabulary should be supported when described values are relevant, however implementations may add to the vocabulary. How supported values are conveyed between participants is outside of the scope of this document. Extended vocabulary must begin with x-.

...

All attribute names and other elements specified here are case sensitive. eg: official and OFFICIAL are not the same.

Metadata

...

Person

...

  • meta/created: Timestamp of record creation, in dateTime format
  • meta/id: Identifier for this specific (sub)attribute
  • meta/lastModified: Timestamp of last modification, in dateTime format
  • meta/release: Attribute release policy, as described above

Person Core Attributes

Attribute

Data Type

Definition

Multi-Valued? (Parent Attribute)

address



Yes (addresses)

address/country

country

Country from a postal address

One per parent object

address/formatted

string

Address rendered as a single string, possibly with embedded newlines (\n)

One per parent object

address/locality

string

Locality information from a postal address (city, etc)

One per parent object

address/language

locale

The language encoding of the address

One per parent object

address/postalCode

string

Postal code from a postal address

One per parent object

address/region

region

Region information from a postal address (state, province, etc)

One per parent object

address/room

string

Room information from a postal address

One per parent object

address/streetstreetAddress


(warning) Changing to streetAddress was street

string (multi-line)

Street/site information from a postal address (street name, house number, etc)

One per parent object

address/type

extensibleVocabulary:

  • campus
  • home
  • office
  • parent
  • postal
  • summer
  • former-anytype

The type of the address

One per parent object

address/verified

boolean

True if the address has been verified

One per parent object

citizenship

country

Country of citizenship of the person

Yes (citizenships)

dateOfBirth

date

The date of birth of the person

No

emailAddress



Yes (emailAddresses)

emailAddress/address

string

The email address

One per parent object

emailAddress/type

extensibleVocabulary: 

  • delivery
  • department
  • department-deptlabel
  • forwarding
  • official
  • personal
  • preferred
  • former-anytype

The type of the email address

One per parent object

emailAddress/verified

boolean

True if the address has been verified

One per parent object

ethnicity

extensibleVocabulary: 

  • africanAmerican
  • alaskaNative
  • americanIndian
  • asian
  • hispanic
  • nativeHawaiian
  • other
  • pacificIslander
  • white

The ethnicity of the person (US Census)

Yes (ethnicities)

gender

extensibleVocabulary: 

  • female
  • male

The gender of the person

No

identifier



Yes (identifiers)

identifier/identifier

string

The identifier

One per parent object

identifier/authority
stringThe system or authority that assigns and manges this identifierOne per parent object

identifier/type

extensibleVocabulary: 

  • applicant
  • badge
  • badge-barcode
  • badge-chip
  • badge-magstripe
  • enterprise
  • external
  • national
  • network
  • referenceId
  • role
  • role-affiliate
  • role-alumni
  • role-employee
  • role-guest
  • role-student
  • sor
  • sor-affiliate
  • sor-alumni
  • sor-employee
  • sor-guest
  • sor-student
  • former-anytype

The type of the identifier

  • applicant: Identifier assigned to an applicant (eg: student application registration system)
  • badge: Identifier as encoded on a badge/physical ID card
  • badge-barcode: Identifier as encoded on a 1D or 2D barcode printed on a badge
  • badge-chip: Identifier as stored on a smart chip (contact or NFC) embedded in a badge
  • badge-magstripe: Identifier as encoded on a magnetic stripe of a badge
  • enterprise: Persistent identifier used to uniquely identify an individual across the enterprise
  • external: Identifier assigned by an external (federated) system
  • national: Government issued identifier (eg: SSN)
  • network: Identifier used for access to network services (eg: NetID)
  • referenceId: An ID Match reference identifier
  • role: Persistent identifier for a given role, used by an individual system of record and/or registry
  • role-*: Persistent identifier for a given role assigned by the specified system of record
  • sor: Persistent identifier used by an individual system of record
  • sor-*: Persistent identifier assigned by the specified system of record

One per parent object

identityProof



Yes (identityProofs)

identityProof/dateOfBirth

date

Date of birth, as confirmed on document

One per parent object

identityProof/documentIssuer

string

Name of agency issuing the confirmation document

One per parent object

identityProof/documentType

extensibleVocabulary:

  • driversLicense
  • national
  • passport
  • regional
  • tribal

Type of document used to confirm identity

  • driversLicense: Photo ID used to license drivers
  • national: ID issued by a national government, other than drivers licenses or passports
  • passport: Passport, including Passport Cards
  • regional: ID issued by a regional government (such as states or provinces), other than drivers licenses
  • tribal: ID issued by a tribal government (such as Native American tribes)

One per parent object

identityProof/fullName

string

Full name, as confirmed on document

One per parent object

identityProof/status

extensibleVocabulary:

  • expired
  • invalid
  • valid

Status of the identity proofing

One per parent object

identityProof/timeVerified

dateTime

Time document was confirmed

One per parent object

identityProof/verifiedAddress

string

Address, as confirmed on document

One per parent object

name



Yes (names)

name/family

string

The component of the person's name excluding the given, middle, and honorific components

One per parent object

name/formatted

string

The person's name, suitably formatted for display

One per parent object

name/given

string

The component of the person's name excluding the middle, family, and honorific components

One per parent object

name/language

locale

The language encoding of the person's name

One per parent object

name/middle

string

The component of the person's name excluding the given, family, and honorific components

One per parent object

name/prefix

string

The honorific prefix of the person's name, such as "Dr" or "Ms"

One per parent object

name/suffix

string

The honorific suffix of the person's name, such as "Jr" or "III"

One per parent object

name/type

extensibleVocabulary:

  • author
  • fka
  • official
  • preferred

The type of the name

  • author: Name suitable for publishing (eg: on academic papers)
  • fka: "Formerly Known As", a previous name for the person (eg: maiden name)
  • official: Name as found on government-issued ID
  • preferred: Name as self-asserted

One per parent object

photo



Yes (photos)

photo/data

binary

Encoding of a photo of the person

One per parent object

photo/encoding

extensibleVocabulary:

  • bmp
  • gif
  • jpg
  • png
  • tiff

The encoding used for the photo

One per parent object

photo/type

extensibleVocabulary:

  • badge
  • official
  • personal

The type of the photo (not the encoding)

  • badge: Photo used on an ID card
  • official: Photo taken for official purposes (such as display in a faculty directory)
  • personal: User supplied photo for non-official purposes

One per parent object

primaryAffiliation

string

The primary affiliation for the person, as defined by the institution (values same as for Person Role affiliation attribute, below)

No

primaryCampus

string

The primary campus location for the person, as defined by the institution

No

role


Parent attribute for Role attributes, described below

Yes

telephoneNumber



Yes (telephoneNumbers)

telephoneNumber/number

string

Telephone number for the person, preferably in + notation

One per parent object

telephoneNumber/type

extensibleVocabulary:

  • campus
  • fax
  • home
  • mobile
  • office
  • summer
  • former-anytype

The type of the telephone number

One per parent object

telephoneNumber/verified

boolean

True if the telephone number has been verified

One per parent object

test

boolean

True if this record represents a test entry

No

url



Yes (urls)

url/url

string

URL for the person

One per parent object

url/type

extensibleVocabulary:

  • official
  • personal

The type of the telephone number

One per parent object

visa

extensibleVocabulary:

  • permanentResident
  • A
  • A-2
  • B-1
  • B-2
  • BCC
  • C
  • CR1
  • D
  • E
  • E-3
  • F
  • G-1
  • G-2
  • G-3
  • G-4
  • G-5
  • H-1B
  • H-1B1
  • H-2A
  • H-2B
  • H-3
  • I
  • IR1
  • J
  • K-1
  • K-3
  • L
  • M
  • NATO
  • P
  • Q
  • T
  • TD
  • TN
  • U

Visa status of the person

No

...