Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
The following draft text is for discussion only! For comparison, the official normative text is shown below the horizontal line. 

5. Attribute Bundle

Conceptually, the The R&S attribute bundle consists of the following three attributes:

  • refedsNonPrivateUserID: a non-private user identifier
  • refedsPersonName: a person name
  • refedsEmailAddress: an email address

Technically, a non-private user identifier is a persistent, non-reassigned, non-targeted identifier defined to be any one of the following:

  1. eduPersonUniqueId
  2. eduPersonPrincipalName (if non-reassigned)
  3. eduPersonPrincipalName + eduPersonTargetedID

Likewise, person name is defined to be any one of the following:

  1. displayName
  2. givenName + sn (surname)

Finally, an email address is synonymous with the mail attribute.These attributes are "above-the-wire" attributes intended solely to facilitate attribute release. See: REFEDS Attribute Registry

6. Attribute Request

If a Service Provider requests a particular R&S attribute, the Identity Provider is REQUIRED to release it. Thus one or more R&S attributes MUST be listed in Service Provider metadata, otherwise the Identity Provider may release nothing at all.