...
http://refeds.org/category/research-and-scholarship
A Service Provider that conforms to R&S exhibits the following entity attribute in its metadata:
Code Block | ||
---|---|---|
| ||
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"> <!-- entity attribute for SPs that conform to R&S --> <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://macedir.org/entity-category-support"> <!-- the refeds.org R&S entity attribute value --> <saml:AttributeValue> http://refeds.org/category/research-and-scholarship </saml:AttributeValue> </saml:Attribute> </mdattr:EntityAttributes> |
...
If a Service Provider requests a particular an R&S attribute, the Identity Provider is REQUIRED to release it. Thus one or more R&S attributes MUST be listed in Service Provider metadata, otherwise the Identity Provider may release nothing at all.
...
An Identity Provider is NOT REQUIRED to release an R&S attribute to a given R&S Service Provider unless that attribute is requested in Service Provider metadata. In particularConversely, an Identity Provider that supports the R&S category MUST release the attributes shown below upon request from the Service Provider:
...
An Identity Provider that supports R&S releases at least refedsNonPrivateUserID
and refedsEmailAddress
. Some Identity Providers will release refedsPersonName
as well. Presumably the this latter group of Identity Providers do not filter on requested attributes in metadata.
...