Overview

eduPersonScopedAffiliation uses a controlled vocabulary to specify a person's relationship(s) to the institution in broad categories such as student, faculty, staff, alum, etc. eduPersonScopedAffiliation is defined in the eduPerson LDAP object class.

This identifier is scoped and of the form affiliation@scope:

  • The left component (affiliation) is one of the values from the eduPersonAffiliation controlled vocabulary. Within the same assertion, the values asserted in eduPersonAffiliation should match those asserted in eduPersonScopedAffiliation.

  • The scope portion MUST be the administrative domain of the identity system where the identifier was created and assigned. The scope portion MAY contain any Unicode character. The length of the scope portion MUST be less than or equal to 256 characters. Note that the use of characters outside the seven-bit ASCII set or extremely long values in the scope portion may cause issues with interoperability. 

See also: Scope in InCommon metadata

Permissible values

See controlled vocabulary for eduPersonAffiliation.


OID: 1.3.6.1.4.1.5923.1.1.1.9
LDAP Syntax: Directory String
# of Values: multi-valued
References: eduPerson

SAML Response Example

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"         
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
                ID="..." Version="2.0" IssueInstant="2020-07-17T01:01:48Z" 
                Destination="...." InResponseTo="...">
 ...
 <saml:Assertion ...>
  ...
   <saml:AttributeStatement>
    <saml:Attribute xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
                    NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                    Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" 
                    FriendlyName="eduPersonScopedAffiliation"
                    x500:Encoding="LDAP">
      <saml:AttributeValue xsi:type="xsd:string">member@example.edu</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">faculty@example.edu</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">employee@example.edu</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">alum@example.edu</saml:AttributeValue>
    </saml:Attribute>
   ...
   </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>
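
The rules in the Overview, applied to the values in the response above, as an added example that is not part of the original page or of the eduPerson specification. It shows one way a relying party might check received values. The function names, the `allowed_scopes` parameter (standing in for the scopes registered for the asserting identity provider in metadata), the exact-match comparisons and the three bad sample values are assumptions.

```python
# Added example: relying-party checks on eduPersonScopedAffiliation values.
# Apply only to values from an assertion whose signature was already verified.

# eduPersonAffiliation controlled vocabulary, per the eduPerson specification.
AFFILIATIONS = frozenset({
    "faculty", "student", "staff", "alum",
    "member", "affiliate", "employee", "library-walk-in",
})
MAX_SCOPE_LEN = 256  # upper bound on the scope portion stated on this page

# Constructed sample: the four values from the SAML example plus three bad ones.
SAMPLE_VALUES = [
    "member@example.edu", "faculty@example.edu",
    "employee@example.edu", "alum@example.edu",
    "staff@other.example",   # scope not registered for this IdP
    "admin@example.edu",     # left part outside the vocabulary
    "student",               # no scope at all
]


def check_scoped_affiliation(value, allowed_scopes):
    """Return (affiliation, scope) or raise ValueError (exact-match checks)."""
    # Vocabulary values contain no '@', so the first '@' is the separator.
    affiliation, sep, scope = value.partition("@")
    if not sep or not scope:
        raise ValueError("not of the form affiliation@scope")
    if affiliation not in AFFILIATIONS:
        raise ValueError("affiliation outside the controlled vocabulary")
    if len(scope) > MAX_SCOPE_LEN:
        raise ValueError("scope longer than 256 characters")
    if scope not in allowed_scopes:
        raise ValueError("scope not registered for the asserting IdP")
    return affiliation, scope


def filter_scoped_affiliations(scoped, allowed_scopes, unscoped=None):
    """Return (accepted pairs, rejected (value, reason) pairs, consistent).

    consistent compares the left parts of all scoped values with the unscoped
    eduPersonAffiliation values of the same assertion (None if not supplied).
    """
    accepted, rejected, left_parts = [], [], set()
    for value in scoped:
        left_parts.add(value.partition("@")[0])
        try:
            accepted.append(check_scoped_affiliation(value, allowed_scopes))
        except ValueError as exc:
            rejected.append((value, str(exc)))
    consistent = None if unscoped is None else left_parts == set(unscoped)
    return accepted, rejected, consistent
```

Rejected values are best logged with their reason and dropped before any authorization decision, so that a value carrying another organization's scope never reaches access-control logic.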

