...
- By unconditionally releasing the complete R&S attribute bundle; OR
- By conditionally releasing attributes from the R&S attribute bundle based on the
<md:RequestedAttribute>
elements in Service Provider metadata, regardless of whether the optionalisRequired
XML attribute is (or is not) present.
An Identity Provider is NOT REQUIRED to release a persistent, non-reassigned, non-targeted identifier to a given R&S Service Provider if and only if unless one or more of eduPersonPrincipalName
, eduPersonUniqueId
, or eduPersonTargetedID
is listed in SP metadata. Beyond that Service Provider metadata. Similarly, an Identity Provider is NOT REQUIRED to release a given any other R&S attribute (mail
, displayName
, givenName
, or sn
) unless that attribute is listed in Service Provider metadata.
...