...
InCommon reviews all applications from potential R&S service providers. The InCommon Technical Advisory Committee and the InCommon Steering Committee review and approve the requests. Visit the Federation Info pages for a complete list of all R&S service providers.
...
What is the R&S attribute bundle?
The R&S category defines the following attribute bundle:
- personal identifiers: e-mail address, person name,
eduPersonPrincipalName
- pseudonymous identifier:
eduPersonTargetedID
- affiliation:
eduPersonScopedAffiliation
where e-mail address refers to the mail
attribute and person name refers to displayName
and optionally givenName
and surName
.
a bundle of attributes that SPs choose from. InCommon identity providers that support R&S release some a minimal subset of this attribute bundle to R&S category SPs. Sites are strongly encouraged to configure their IdPs to support R&SDetailed deployment considerations for IdP site administrators are provided elsewhere in this wiki.
Do all R&S SPs require all attributes in the bundle?
...
An IdP has at least three deployment options (in increasing order of deployment difficulty):
- Release a fixed subset of the R&S bundle (or the R&S bundle itself) for to all SPs
- Release a fixed subset of the R&S bundle (or the R&S bundle itself) for to all R&S SPs (leveraging an entity attribute in SP metadata)
- Release a precise varying subset of the R&S bundle for to each R&S SP (depending on an SP-by-SP basis requested attributes in SP metadata)
The Shibboleth IdP software supports either of the first two options out-of-the-box. The latter option requires a special plugin at the Shibboleth IdP. Deployment options are discussed more thoroughly in the wiki.
...