...
For an example on how to consume and process this information in an Identity Provider look at the page Example of a standard attribute filter for Shibboleth IdP v3.4.0 v5 and above. ADFS Toolkit support the use of entity categories.
...
The entity category European Student Identifier is a category to primary support student exchange programs like Erasmus+. This entity category only supports one value in one specific attribute and expected to be used together with other entity categories, for example Personalized Access.
For services that needs other attributes than supported by the fixed attribute bundles the entity category REFEDS Data Protection Code of Conduct, and the older GÉANT Data Protection Code of Conduct, is recommended.
| Anonymous Access | Pseudonymous Access | Personalized Access | Research and Scholarship (R&S) | |
|---|---|---|---|---|
| Organisation | eduPersonScopedAffiliation schacHomeOrganization | eduPersonScopedAffiliation schacHomeOrganization | eduPersonScopedAffiliation schacHomeOrganization | eduPersonScopedAffiliation (optional) |
| User identifier | samlPairwiseID | samlSubjectID | eduPersonPrincipalName (if non-reassigned) eduPersonPrincipalName + eduPersonTargetedID (not used within SWAMID) | |
| Assurance | eduPersonAssurance | eduPersonAssurance | eduPersonAssurance (only within SWAMID) | |
| Person name | displayName givenName sn | displayName or givenName + sn | ||
| Email address |
For services that needs other attributes than supported by the fixed attribute bundles the entity category REFEDS Data Protection Code of Conduct, and the older GÉANT Data Protection Code of Conduct, is recommended. It's possible to use above mentioned entity categories and Data Protection Code of Conduct at the same time to have a richer release. However, it's strongly recommended that personalized identifiable attributes are not used when anonymous or pseudonymous entity category is used in conjunction with Data Protection Code of Conduct.
REFEDS Anonymous Access Entity Category
...