...
The R&S attribute bundle consists of the following three meta-attributes:
- non-private user identifier
- person name
- email address
where user identifier is an intentionally trackable ( non-private user identifier is a persistent, non-reassigned, non-targeted ) identifier defined to be any one of the following:
...
and where person name is defined to be at least any one of the following:
displayNamegivenName+sn(surname)
...
- By unconditionally releasing the complete R&S attribute bundle; OR
- By conditionally releasing filtering attributes from the R&S attribute bundle based on the
<md:RequestedAttribute>elements in Service Provider metadata, regardless of whether the optionalisRequiredXML attribute is (or is not) present.
An Identity Provider is NOT REQUIRED to release the user the non-private user identifier meta-attribute to a given R&S Service Provider unless one or more of eduPersonPrincipalName, eduPersonUniqueId, or eduPersonTargetedID is requested in Service Provider metadata, without regard for the isRequired XML attribute. Similarly, an Identity Provider is NOT REQUIRED to release the person name meta-attribute to a given R&S Service Provider unless one or more of displayName, givenName, or sn (surname) is requested in Service Provider metadata, without regard for the isRequired XML attribute. Finally, an Identity Provider is NOT REQUIRED to release the email address meta-attribute unless the mail attribute is requested in Service Provider metadata, without regard for the isRequired XML attribute.
...