...
http://refeds.org/category/research-and-scholarship
A Service Provider that conforms to R&S exhibits the following entity attribute in its metadata:
| Code Block | ||
|---|---|---|
| ||
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<!-- entity attribute for SPs that conform to R&S -->
<saml:Attribute
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="http://macedir.org/entity-category-support">
<!-- the refeds.org R&S entity attribute value -->
<saml:AttributeValue>
http://refeds.org/category/research-and-scholarship
</saml:AttributeValue>
</saml:Attribute>
</mdattr:EntityAttributes> |
...
If a Service Provider requests a particular an R&S attribute, the Identity Provider is REQUIRED to release it. Thus one or more R&S attributes MUST be listed in Service Provider metadata, otherwise the Identity Provider may release nothing at all.
...
An Identity Provider is NOT REQUIRED to release an R&S attribute to a given R&S Service Provider unless that attribute is requested in Service Provider metadata. In particularConversely, an Identity Provider that supports the R&S category MUST release the attributes shown below upon request from the Service Provider:
...
An Identity Provider that supports R&S releases at least refedsNonPrivateUserID and refedsEmailAddress. Some Identity Providers will release refedsPersonName as well. Presumably the this latter group of Identity Providers do not filter on requested attributes in metadata.
...