Child pages
  • Attribute Release Requirements

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

http://refeds.org/category/research-and-scholarship

A Service Provider that conforms to R&S exhibits the following entity attribute in its metadata:

Code Block
titleAn entity attribute for SPs that conform to R&S
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
  <!-- entity attribute for SPs that conform to R&amp;S -->
  <saml:Attribute
      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
      Name="http://macedir.org/entity-category-support">
    <!-- the refeds.org R&amp;S entity attribute value -->
    <saml:AttributeValue>
      http://refeds.org/category/research-and-scholarship
    </saml:AttributeValue>
  </saml:Attribute>
</mdattr:EntityAttributes>

...

If a Service Provider requests a particular an R&S attribute, the Identity Provider is REQUIRED to release it. Thus one or more R&S attributes MUST be listed in Service Provider metadata, otherwise the Identity Provider may release nothing at all.

...

An Identity Provider is NOT REQUIRED to release an R&S attribute to a given R&S Service Provider unless that attribute is requested in Service Provider metadata. In particularConversely, an Identity Provider that supports the R&S category MUST release the attributes shown below upon request from the Service Provider:

...

An Identity Provider that supports R&S releases at least refedsNonPrivateUserID and refedsEmailAddress. Some Identity Providers will release refedsPersonName as well. Presumably the this latter group of Identity Providers do not filter on requested attributes in metadata.

...