...
x - Attribute is released if it's available in the Home Organisation Identity Provider.
o - Attribute is released only if requested and required in the metadata for the service and if it's available in the Home Organisation Identity Provider.
SAML2 Attribute Identifier | Friendly Name | Without enitity category | Data protection Code of Conduct (REFEDS CoCo v2 and GÉANT CoCo v1) | REFEDS Personalized Access Entity Category | REFEDS Pseudonymous Access Entity Category | REFEDS Anonymous Access Entity Category | REFEDS Research and Scholarship Entity Category (R&S) | |||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||
urn:oasis:names:tc:SAML:attribute:pairwise-id | pairwise-id | x | ||||||||||
urn:oasis:names:tc:SAML:attribute:subject-id | subject-id | x | ||||||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.10 | eduPersonTargetedID | o | x3 | |||||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | eduPersonPrincipalName | o | x | |||||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.16 | eduPersonOrcid | o | ||||||||||
urn:oid:1.3.6.1.4.1.2428.90.1.5 | norEduPersonNIN | o2 | ||||||||||
urn:oid:1.2.752.29.4.13 | personalIdentityNumber | o2 | ||||||||||
urn:oid:1.3.6.1.4.1.25178.1.2.3 | schacDateOfBirth | o | ||||||||||
urn:oid:0.9.2342.19200300.100.1.3 | o | x | x | |||||||||
urn:oid:2.16.840.1.113730.3.1.241 | displayName | o | x | x | ||||||||
urn:oid:2.5.4.3 | cn (aka commonName) | o | ||||||||||
urn:oid:2.5.4.42 | givenName | o | x | x | ||||||||
urn:oid:2.5.4.4 | sn (aka surname) | o | x | x | ||||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.11 | eduPersonAssurance | o | x | x | x4 | |||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | eduPersonScopedAffiliation | o | x | x | x | x | ||||||
urn:oid:1.3.6.1.4.1.5923.1.1.1.1 | eduPersonAffiliation | o | ||||||||||
urn:oid:2.5.4.10 | o (aka organizationName) | o | ||||||||||
urn:oid:1.3.6.1.4.1.2428.90.1.6 | norEduOrgAcronym | o | ||||||||||
urn:oid:2.5.4.6 | c (aka countryName) | o | ||||||||||
urn:oid:0.9.2342.19200300.100.1.43 | co (aka friendlyCountryName) | o | ||||||||||
urn:oid:1.3.6.1.4.1.25178.1.2.9 | schacHomeOrganization | o | x | x | x | |||||||
urn:oid:1.3.6.1.4.1.25178.1.2.10 | schacHomeOrganizationType | o |
- The entity category the REFEDS and GÉANT Code of Conduct entity categories does not have a specific attribute bundle. Instead of an attribute bundle it uses attribute request in metadata for specific required attributes.
- norEduPersonNIN and personalIdentityNumber shall only be released when required by entities registered with in SWAMID (registrationAuthority="http://www.swamid.se/").
- personalIdentityNumber must only contain Swedish Personal Numbers or Swedish Co-ordination Numbers.
- norEduPersonNIN can besides Swedish Personal Numbers and Swedish Co-ordination Numbers also contain Interim Personal Numbers from the student documentation system Ladok and the Swedish national study enrolment system.
- eduPersonTargetedID should only be released in with the entity category REFEDS Research & Scholarship if eduPersonPrincipalName is reassignable. All Identity Providers in SWAMID must by the SWAMID Assurance Profiles be longterm unique and therefore it should normally not be released.
- Within SWAMID the REFEDS Research and Scholarship Entity Category is extended to also include eduPersonAssurance.
...