Note |
---|
The following draft text is for discussion only! For comparison, the official normative text is shown below the horizontal line. |
5. Attribute Bundle
Conceptually, the The R&S attribute bundle consists of the following three attributes:
refedsNonPrivateUserID
: a non-private user identifierrefedsPersonName
: a person namerefedsEmailAddress
: an email address
Technically, a non-private user identifier is a persistent, non-reassigned, non-targeted identifier defined to be any one of the following:
eduPersonUniqueId
eduPersonPrincipalName
(if non-reassigned)eduPersonPrincipalName
+eduPersonTargetedID
Likewise, person name is defined to be any one of the following:
displayName
givenName
+sn
(surname)
Finally, an email address is synonymous with the mail
attribute.These attributes are "above-the-wire" attributes intended solely to facilitate attribute release. See: REFEDS Attribute Registry
6. Attribute Request
If a Service Provider requests a particular R&S attribute, the Identity Provider is REQUIRED to release it. Thus one or more R&S attributes MUST be listed in Service Provider metadata, otherwise the Identity Provider may release nothing at all.
...