...
where non-private user identifier is a persistent, non-reassigned, non-targeted identifier defined to be any one of the following:
eduPersonUniqueId
eduPersonPrincipalName (if non-reassigned)
eduPersonUniqueId
eduPersonPrincipalName + eduPersonTargetedID
...
An Identity Provider is NOT REQUIRED to release the non-private user identifier meta-attribute to a given R&S Service Provider unless one or more of eduPersonUniqueId, eduPersonPrincipalName, eduPersonUniqueId, or eduPersonTargetedID is requested in Service Provider metadata, without regard for the isRequired XML attribute. Similarly, an Identity Provider is NOT REQUIRED to release the person name meta-attribute to a given R&S Service Provider unless one or more of displayName, givenName, or sn (surname) is requested in Service Provider metadata, without regard for the isRequired XML attribute. Finally, an Identity Provider is NOT REQUIRED to release the email address meta-attribute unless the mail attribute is requested in Service Provider metadata, without regard for the isRequired XML attribute.
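The request check described above, as an added example that is not part of the specification text: it reads the md:RequestedAttribute elements in Service Provider metadata and reports which meta-attributes the SP has requested, never consulting isRequired. The urn:oid attribute names, the function names and the trimmed sample metadata are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Meta-attribute -> member attributes named in the text (assumed urn:oid Name values).
BUNDLES = {
    "non-private user identifier": {
        "urn:oid:1.3.6.1.4.1.5923.1.1.1.13": "eduPersonUniqueId",
        "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
        "urn:oid:1.3.6.1.4.1.5923.1.1.1.10": "eduPersonTargetedID",
    },
    "person name": {
        "urn:oid:2.16.840.1.113730.3.1.241": "displayName",
        "urn:oid:2.5.4.42": "givenName",
        "urn:oid:2.5.4.4": "sn",
    },
    "email address": {"urn:oid:0.9.2342.19200300.100.1.3": "mail"},
}

def requested_members(sp_metadata_xml):
    """Map each meta-attribute to the member attributes the SP metadata requests."""
    root = ET.fromstring(sp_metadata_xml)
    # isRequired is deliberately never read: the rule applies without regard to it.
    names = {ra.get("Name") for ra in root.iter(MD + "RequestedAttribute")}
    return {
        bundle: sorted(friendly for oid, friendly in members.items() if oid in names)
        for bundle, members in BUNDLES.items()
    }

def requested_bundles(sp_metadata_xml):
    """Meta-attributes the 'NOT REQUIRED unless requested' exemption does not cover."""
    return [b for b, hits in requested_members(sp_metadata_xml).items() if hits]

# Constructed, trimmed SP metadata; parse real metadata only after verifying its signature.
SAMPLE_SP = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sp.example.org/sp">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:AttributeConsumingService index="1">
   <md:ServiceName xml:lang="en">Example R&amp;S service</md:ServiceName>
   <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" isRequired="false"/>
   <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" isRequired="true"/>
   <md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
  </md:AttributeConsumingService>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    for bundle, hits in requested_members(SAMPLE_SP).items():
        print(f"{bundle}: {'requested via ' + ', '.join(hits) if hits else 'not requested'}")
```

In the sample, the person name meta-attribute is not requested at all, so it is the only one the exemption still covers; the isRequired="false" on eduPersonPrincipalName makes no difference to the result.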
...