Versions Compared

Old Version 21

changes.mady.by.user Tom Scavo

Saved on

compared with

New Version 22

changes.mady.by.user Tom Scavo

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

http://refeds.org/category/research-and-scholarship

A Service Provider that conforms to R&S exhibits the following entity attribute in its metadata:

Code Block
titleAn entity attribute for SPs that conform to R&S
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
  <!-- entity attribute for SPs that conform to R&amp;S -->
  <saml:Attribute
      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
      Name="http://macedir.org/entity-category-support">
    <!-- the refeds.org R&amp;S entity attribute value -->
    <saml:AttributeValue>
      http://refeds.org/category/research-and-scholarship
    </saml:AttributeValue>
  </saml:Attribute>
</mdattr:EntityAttributes>

...

An Identity Provider that supports R&S releases the full R&S bundle (refedsNonPrivateUserIDrefedsPersonName, and refedsEmailAddress). Compare with Example 1the previous example.

Example 3The R&S Service Provider requests refedsNonPrivateUserID and refedsEmailAddress in metadata.

...

Example 4. The R&S Service Provider requests refedsUserID in requests refedsEmailAddress in metadata.

An Identity Provider that supports R&S releases at least the refedsNonPrivateUserID attributerefedsEmailAddress attribute. Other Some Identity Providers may release any persistent, non-reassigned user identifier, including refedsPrivateUserID (i.e., eduPersonTargetedID) but this is out of scope with respect to this specification.

Example 5. The R&S Service Provider requests refedsEmailAddress in metadata.

An Identity Provider that supports R&S releases the refedsEmailAddress attribute.

, even those that filter on requested attributes in metadata, may release refedsNonPrivateUserID as well.

Note
titleDo not rely on email address as an identifier!
Registrars should discourage R&S Service Providers from relying on an email address as a user identifier.

Example 5. The R&S Service Provider requests refedsUserID in metadata.

An Identity Provider that supports R&S releases at least the refedsNonPrivateUserID attribute. Other Identity Providers may release any persistent, non-reassigned user identifier, including refedsPrivateUserID (i.e., eduPersonTargetedID) but this is out of scope with respect to this specification.


...

2. Syntax

The following URI is used as the attribute value for the Entity Category and Entity Category Support attribute: http://refeds.org/category/research-and-scholarship

...