...
Recommended Attributes in eduGAIN
The eduGAIN Attribute Profile(LINK NOT FOUND) recommends that Identity Providers implement the following attributes for all usersThe following set of attributes is recommended to implement for all eduGAIN Identity Providers as it contains the most commonly used attributes:
| Attribute | Description |
|---|---|
| eduPersonTargetedID/persistentID | Unique, persistent, opaque and targeted identifier of the user. |
(LINK NOT FOUND)
(Serialized) Example: https://aai-logon.switch.ch/idp/shibboleth!https://filesender.funet.fi!yrVdvdAmohZY+cE6dcGvqu/Dubc= | |
| eduPersonPrincipalName | Unique, persistent identifier of the user. Example: jdoe@example.org |
| displayName | Name and Surname of the user. Example: John Doe |
| commonName | Name and Surname of the user. Could be multi-valued but it is recommended to have only one value. Example: Johne Doe |
| User's personal eMail address. Example: john.doe@example.org | |
| eduPersonAffiliation | See the Controlled Vocabolaries. Multi-valued. Example: student;member or staff;member |
| eduPersonScopedAffiliation | See the Controlled Vocabolaries. Multi-valued. Example: staff@example.org;member@example.org |
| schacHomeOrganization | Example: example.org |
| schacHomeOrganizationType | See the Controlled Vocabolaries. Example: urn:schac:homeOrganizationType:int:university This attribute is unfortunately underspecified. Therefore, this attribute is of little use as of 2015. |
Anchor How_to_configure_Shibboleth_to_support_the_recommended_attributes How_to_configure_Shibboleth_to_support_the_recommended_attributes
...
Instead of manually configuring attribute release rules, you may also consider implementing the Data Protection Code of Conduct(LINK NOT FOUND) that helps to automatically release attributes to a particular Service Provider that signed the Code of Conduct.
...