{
"trust_mark_type": "https://github.com/REFEDS/MRPS/",
"iss": "https://ta.surfconext.nl",
"sub": "https://leaf.institution.org/op",
"iat": 1579621160,
"ref": "https://github.com/REFEDS/MRPS/blob/master/mrps.md"
"mrps": "https://servicedesk.surf.nl/wiki/spaces/IAM/pages/128910076/Metadata+Registration+Practice+Statement+for+SURFconext"
}
`{`
` "trust_mark_type": "https://refeds.org/trustmarks/md_scope",`
` "iss": "https://ta.federation.org",`
` "sub": "https://leaf.institution.org/op",`
` "iat": 1579621160,`
` "ref": "https://refeds.org/trustmarks/md_scope/index.html",`
` "mdscope": [`
` "institution.org",`
` "student.institution.org",`
` "institution-businessschool.com"`
` ]`
`}`
federation_trust_mark_status_endpoint (https://openid.net/specs/openid-federation-1_0.html#section-5.1.1-3.8)
OPTIONAL. The Trust Mark Status endpoint described in Section 8.4. Trust Mark Issuers SHOULD publish a federation_trust_mark_status_endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components; it MUST NOT contain a fragment component
VERIFIED Trust Mark
3 trust mark scenarios exist in the spec:
- Self issued by the Entity
- Issued by a Trustmark Issuer (TMI)
- Owned by a Trust mark Owner (TMO), issued by a Trust Mark Issuer, which the TMO has delegated to the TMI