Jump to: 

Overview

eduPersonEntitlement is an URI (either URN or URL) that indicates a set of rights to specific resources. eduPersonEntitlement is defined in the eduPerson LDAP object class. 

Permitted Values

an eduPersonEntitlement value must be a universal resource name (URI) as defined in RFC3986→

OID1.3.6.1.4.1.5923.1.1.1.7
LDAP Syntax

Directory String

# of Valuesmulti-valued
ReferenceseduPerson, RFC3986

SAML Response Example

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"         
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" 
                ID="..." Version="2.0" IssueInstant="2020-07-17T01:01:48Z" 
                Destination="...." InResponseTo="...">
 ...
 <saml:Assertion ...>
  ...
   <saml:AttributeStatement>
    <saml:Attribute xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
                    NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                    Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7" 
                    FriendlyName="eduPersonEntitlement"
                    x500:Encoding="LDAP">
      <saml:AttributeValue xsi:type="xsd:string">http://example.edu/resources/biblio92</saml:AttributeValue>
      <saml:AttributeValue xsi:type="xsd:string">urn:mace:dir:entitlement:common-lib-terms</saml:AttributeValue>
   </saml:Attribute>
   ...
   </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>


See Also



Working with user data

Related content


Get help

Can't find what you are looking for?