...
and where email address is defined to be the mail
attribute.
6. Attribute
...
If a Service Provider requests an R&S attribute, the Identity Provider is REQUIRED to release it. Thus one or more R&S attributes MUST be listed in Service Provider metadata, otherwise the Identity Provider may release nothing at all.
Service Providers SHOULD request a subset of R&S attributes that represent only those attributes that the Service Provider requires to operate its service. Such an R&S attribute requested in metadata MUST NOT be decorated with isRequired="false"
.
...
Release
An Identity Provider supports the Research & Scholarship (R&S) category if, for some subset of the Identity Provider’s user population, the Identity Provider is willing and able to release the R&S attribute bundle to all conforming R&S Service Providers without administrative involvement, either automatically or subject to user consent.
An Identity Provider MUST release R&S attributes to any conforming R&S Service Provider upon request, in one of two ways:
...
the complete R&S attribute
...
bundle to any conforming R&S
...
Service Provider
...
An Identity Provider is NOT REQUIRED to release an R&S attribute to a given R&S Service Provider unless that attribute is requested in Service Provider metadata. Conversely, an Identity Provider that supports the R&S category MUST release the attributes shown below upon request from the Service Provider:
requested | released |
---|---|
refedsUserID | refedsNonPrivateUserID |
refedsNonPrivateUserID | refedsNonPrivateUserID |
eduPersonUniqueId | refedsNonPrivateUserID |
refedsPersonName | refedsPersonName |
displayName | refedsPersonName |
refedsEmailAddress | refedsEmailAddress |
mail | refedsEmailAddress |
All other attributes listed in Service Provider metadata are out of scope with respect to this specification.
8. Examples
Example 1. The R&S Service Provider requests refedsNonPrivateUserID
, refedsPersonName
, and refedsEmailAddress
in metadata.
An Identity Provider that supports R&S releases the full R&S bundle (refedsNonPrivateUserID
, refedsPersonName
, and refedsEmailAddress
).
Example 2. The R&S Service Provider requests eduPersonUniqueId
, displayName
, and mail
in metadata.
An Identity Provider that supports R&S releases the full R&S bundle (refedsNonPrivateUserID
, refedsPersonName
, and refedsEmailAddress
). Compare with the previous example.
Example 3. The R&S Service Provider requests refedsNonPrivateUserID
and refedsEmailAddress
in metadata.
An Identity Provider that supports R&S releases at least refedsNonPrivateUserID
and refedsEmailAddress
. Some Identity Providers will release refedsPersonName
as well. Presumably this latter group of Identity Providers do not filter on requested attributes in metadata.
Example 4. The R&S Service Provider requests refedsEmailAddress
in metadata.
An Identity Provider that supports R&S releases at least the refedsEmailAddress
attribute. Some Identity Providers, even those that filter on requested attributes in metadata, may release refedsNonPrivateUserID
as well.
Note | ||
---|---|---|
| ||
Registrars should discourage R&S Service Providers from relying on an email address as a user identifier. |
Example 5. The R&S Service Provider requests refedsUserID
in metadata.
An Identity Provider that supports R&S releases at least the refedsNonPrivateUserID
attribute. Other Identity Providers may release any persistent, non-reassigned user identifier, including refedsPrivateUserID
(i.e., eduPersonTargetedID
) but this is out of scope with respect to this specification, without regard for any R&S attributes requested in SP metadata.
...
2. Syntax
The following URI is used as the attribute value for the Entity Category and Entity Category Support attribute: http://refeds.org/category/research-and-scholarship
...
Service Providers SHOULD request a subset of R&S Category Attributes that represent only those attributes that the Service Provider requires to operate its service.
6. Attribute Release
Identity Providers are strongly encouraged to release the following bundle of attributes to R&S category Service Providers:
...