Versions Compared

Old Version 13

changes.mady.by.user Nicole Harris

Saved on

compared with

New Version 14

changes.mady.by.user Peter Brand

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: wiki format, links

...

Federation

"Core" IdentifiersPositionReference
AconetACOnet, eduID.at  eduPersonTargetedID (a.k.a. SAML2 persistent NameID, urn:oid:1.3.6.1.4.1.5923.1.1.1.10), though "the use of the eduPersonTargetedID attribute should be phased out and replaced in SAML 2.0 usage".
eduPersonPrincipalName (urn:oid:1.3.6.1.4.1.5923.1.1.1.6)
mail (urn:oid:0.9.2342.19200300.100.1.3)
  Matrikelnummer where applicable: Matrikelnummer (national student immatriculation number, as SCHAC personalUniqueCode attribute), though use should be limited to student administration systems		all IDPs should be able to generate the list of attributes specified (in the referenced documentation)

Make attributes available
https://wiki.univie.ac.at/display/federation/Attributes

Australia, AAF

auEduPersonSharedToken
displayName
eduPersonTargetedID
mail

Required that all IdPs are able to releasehttp://aaf.edu.au/technical/aaf-core-attributes/

Belgium, Belnet R&E Federation

No specific recommendations found  
Canada - Canadian Access FederationNo specific recommendations found  
Croatia - AAI@EduHr

hrEduPersonUniqueID (mandatory)
uid (mandatory)
cn (mandatory)
sn (mandatory)
givenName (mandatory)
mail (mandatory)
hrEduPersonUniqueNumber (mandatory)
hrEduPersonOIB (mandatory)
hrEduPersonPersistentID  (mandatory)
hrEduPersonCardNum (optional) 

Mandatory / optional as listedhttp://shema.aaiedu.hr/shema/
Czech Republic - eduID.cz
eduPersonPrincipalName (required to populate)
cn (required to populate)
eduPersonTargetedID (required to populate)
givenName
sn
mail
As listedhttp://eduid.cz/cs/tech/attributes
Finland - Haka   
France - Fédération Éducation-Recherche   

Germany - DFN-AAI

   
Greece - GRNET AAI   

Ireland - Edugate

   

Italy - IDEM

   

Japan - GakuNin

   

Norway - FEIDE

   

Spain - SIR

   
Sweden - SWAMID

eduPersonPersistentID - (eptid)
eduPersonPrincipalName (eppn)
givenName, sn, displayName (or cn in some cases)
norEduPersonNIN

 https://portal.nordu.net/display/SWAMID/Attribute+Profile
Switzerland - SWITCHaai

swissEduPersonUniqueID (urn:oid:2.16.756.1.2.5.1.1.1)
eduPersonTargetedID (a.k.a. SAML2 persistent NameID)
 email, givenName, sn

 The following ones only for interfederation enabled IdPs:
 eduPersonUniqueId
 eduPersonPrincipalName
cn, displayName

Core attributes are mandatory to implement, but not guaranteed to be available for all SPs.https://www.switch.ch/aai/attributes/
The Netherlands - SurfConext

The user's identity is transmitted in the form of the NameID element of the SAML statement. Every Identity Provider must supply a NameID, but for privacy reasons SURFconext will generate a new one regardless. For convenience, this identifier is duplicated in the SAML attribute eduPersonTargetedID (see below).

The two supported NameID types, for respectively persistent and transient NameID specifiers, are:

  • urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
  • urn:oasis:names:tc:SAML:2.0:nameid-format:transient

Surname
Given name
Common name
Display name
Email address

Supported as appropriate via central hub.https://wiki.surfnet.nl/display/surfconextdev/Attributes+in+SURFconext
USA - InCommon

eduPersonPrincipalName
eduPersonTargetedID
sn
givenName
displayName
mail

List of attributes commonly used.http://www.incommon.org/federation/attributesummary.html.
UK - UK Access Management Federation

eduPersonTargetedID
eduPersonPrincipalName

Recommended that IdPs are able to release.http://www.ukfederation.org.uk/library/uploads/Documents/recommendations-for-use-of-personal-data.pdf.