IdPs are encouraged to release the R&S attribute bundle to all R&S SPs:
eduPersonPrincipalNameeduPersonTargetedIDmaildisplayNamegivenNamesn (surname)eduPersonScopedAffiliation|
An identity provider (IdP) supports the Research & Scholarship (R&S) Category if, for some subset of the IdP's user population, the IdP releases a minimal subset of the R&S attribute bundle to R&S SPs without administrative involvement, either automatically or subject to user consent. |
The following attributes constitute a minimal subset of the R&S attribute bundle:
eduPersonPrincipalNamemaildisplayName OR (givenName AND sn)For the purposes of access control, a non-reassigned persistent identifier MUST be released. If your deployment of eduPersonPrincipalName is non-reassigned, it will suffice. Otherwise you MUST release eduPersonTargetedID (which is non-reassigned by definition) in addition to eduPersonPrincipalName. In any case, release of both identifiers is RECOMMENDED.