Jump to:
eduPersonTargetedID (eptid)
is a user identifier attribute defined in the eduPerson→ LDAP object class. It is a persistent, non-reassigned, opaque identifier. eduPersonTargetedID
is designed to prevent two relying parties receiving user information from an Identity Provider from correlating user information, thus revealing the user identity when it is not intended.
OID | 1.3.6.1.4.1.5923.1.1.1.10 |
---|---|
LDAP Syntax | Directory String |
# of Values | multi-valued |
References | eduPerson→ |
eduPersonTargetedID
is deprecated. It will be marked as obsolete in a future release of the eduPerson Object Class specification.
See: Why is eduPersonTargetedID deprecated?
eduPersonTargetedID
is deprecated. Deployers who currently rely on eduPersonTargetedID should devise plans to transition to use the SAML 2 Pairwise Subject Identifier instead.
eduPersonTargetedID
may be required to satisfy the REFEDS Research & Scholarship (R&S) entity category's requirement for shared user identifier if the IdP's implementation of eppn
permits reassignment.
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="..." Version="2.0" IssueInstant="2020-07-17T01:01:48Z" Destination="..." InResponseTo="..."> ... <saml:Assertion ...> ... <saml:AttributeStatement> <saml:Attribute xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" FriendlyName="eduPersonTargetedID" x500:Encoding="LDAP"> <saml:AttributeValue xsi:type="xsd:string">?todo?provide-example-eptid</saml:AttributeValue> </saml:Attribute> ... </saml:AttributeStatement> </saml:Assertion> </samlp:Response> |
See Also
Can't find what you are looking for?