...
The R&S attribute bundle consists of the following three meta-attributes:
- non-private user identifier
- person name
- email address
where user identifier is an intentionally trackable ( non-private user identifier is a persistent, non-reassigned, non-targeted ) identifier defined to be any one of the following:
...
and where person name is defined to be at least any one of the following:
displayName
givenName
+sn
(surname)
...
- By unconditionally releasing the complete R&S attribute bundle; OR
- By conditionally releasing filtering attributes from the R&S attribute bundle based on the
<md:RequestedAttribute>
elements in Service Provider metadata, regardless of whether the optionalisRequired
XML attribute is (or is not) present.
An Identity Provider is NOT REQUIRED to release the user the non-private user identifier meta-attribute to a given R&S Service Provider unless one or more of eduPersonPrincipalName
, eduPersonUniqueId
, or eduPersonTargetedID
is requested in Service Provider metadata, without regard for the isRequired
XML attribute. Similarly, an Identity Provider is NOT REQUIRED to release the person name meta-attribute to a given R&S Service Provider unless one or more of displayName
, givenName
, or sn
(surname) is requested in Service Provider metadata, without regard for the isRequired
XML attribute. Finally, an Identity Provider is NOT REQUIRED to release the email address meta-attribute unless the mail
attribute is requested in Service Provider metadata, without regard for the isRequired
XML attribute.
...