Versions Compared

Old Version 41

changes.mady.by.user Albert Wu (internet2.edu)

Saved on

compared with

New Version 42

changes.mady.by.user Albert Wu (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space federationedit and version 2.14

Jump to: 

Table of Contents
maxLevel1
exclude(On this page)|(In this section)|(Related content)|(Get help)
typeflat
separatorpipe

Overview

eduPersonTargetedID (eptid) is a user identifier attribute defined in the eduPerson LDAP object class. It is a persistent, non-reassigned, opaque identifier.  eduPersonTargetedID is designed to prevent two relying parties receiving user information from an Identity Provider from correlating user information, thus revealing the user identity when it is not intended. 

OID1.3.6.1.4.1.5923.1.1.1.10
LDAP Syntax

Directory String

# of Valuesmulti-valued
ReferenceseduPerson


eduPersonTargetedID is deprecated. It will be marked as obsolete in a future release of the eduPerson Object Class specification.

See: Why is eduPersonTargetedID deprecated?

Use in the InCommon Federation

eduPersonTargetedID is deprecated. Deployers who currently rely on eduPersonTargetedID should devise plans to transition to use the SAML 2 Pairwise Subject Identifier instead.  

eduPersonTargetedID may be required to satisfy the REFEDS Research & Scholarship (R&S) entity category's requirement for shared user identifier if the IdP's implementation of eppn permits reassignment. 

SAML Response Example

Code Block
languagexml
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"         
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
                ID="..." Version="2.0" IssueInstant="2020-07-17T01:01:48Z" 
                Destination="..." InResponseTo="...">
  ...
  <saml:Assertion ...>
    ...
    <saml:AttributeStatement>
      <saml:Attribute xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
                      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                      Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" FriendlyName="eduPersonTargetedID" 
                      x500:Encoding="LDAP">
         <saml:AttributeValue xsi:type="xsd:string">?todo?provide-example-eptid</saml:AttributeValue>
      </saml:Attribute>
      ...
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>


See Also



Working with user data

Content by Label
showLabelsfalse
max10
showSpacefalse
cqllabel = "inc-user-attribute" and space = currentSpace()

Related content

Content by Label
showLabelsfalse
max100
showSpacefalse
sorttitle
cqllabel = "inc-user-data-primer" and space = currentSpace()

Get help

Can't find what you are looking for?

Button Hyperlink
iconhelp
titleAsk the community
typeprimary
urlask-the-community