As defined in the REFEDS eduPerson schema and the SAML v2.0 Subject Identifier Profile, an IdP's permissible scopes are expressed in the <md:Extensions> element of the IdP's metadata:
< md:Extensions xmlns:md = "urn:oasis:names:tc:SAML:2.0:metadata" >
< shibmd:Scope regexp = "false"
xmlns:shibmd = "urn:mace:shibboleth:metadata:1.0" >internet2.edu</ shibmd:Scope >
</ md:Extensions >
|
See Scope for information about how the Scope element is used in InCommon metadata.