...
Friendly name | Attribute name | Definition | Data type | Example |
---|---|---|---|---|
(NameID) | eduPerson (1) | UTF8 string | bd09168cf0c2e675b2def0ade6f50b7d4bb4aae | |
urn:mace:dir:attribute-def:sn | X.520 | UTF8 string | Doe Vermeegen | |
urn:mace:dir:attribute-def:givenName | X.520 | UTF8 string | John Mërgim Lukáš Þrúður | |
urn:mace:dir:attribute-def:cn | X.520 | UTF8 String | John Doe Prof.dr. Mërgim Lukáš Vermeegen 加来 千代, PhD. | |
urn:mace:dir:attribute-def:displayName | UTF8 String | Dr. John Doe Prof.dr. Mërgim L. Vermeegen 加来 千代, PhD. | ||
urn:mace:dir:attribute-def:mail | RFC-5322 address | m.l.vermeegen@university.example.org maarten.'t.hart@uniharderwijk.nl "very.unusual.@.but valid.nonetheless"@example.com mlv@[IPv6:2001:db8::1234:4321] | ||
urn:mace:terena.org:attribute-def:schacHomeOrganization | RFC-1035 domain string | example.nl something.example.org | ||
urn:mace:terena.org:attribute-def:schacHomeOrganizationType | RFC-2141 URN | urn:mace:terena.org:schac:homeOrganizationType:int:university urn:mace:terena.org:schac:homeOrganizationType:es:opi | ||
Employee/student number | urn:schac:attribute-def:schacPersonalUniqueCode | Schac | RFC-2141 URN | urn:schac:personalUniqueCode:nl:local:example.edu:employeeid:x12-3456 urn:schac:personalUniqueCode:nl:local:example.nl:studentid:s1234567 |
urn:mace:dir:attribute-def:eduPersonAffiliation | eduPerson (1) | Enum type (UTF8 String) | employee, student, faculty, member, affiliate, pre-student (staff is deprecated; library-walk-in, alum are not allowed) | |
Scoped affiliation | urn:mace:dir:attribute-def:eduPersonScopedAffiliation urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | eduPerson (1) | UTF8 String user@domain | student@uniharderwijk.nl employee@uniharderwijk.nl |
urn:mace:dir:attribute-def:eduPersonEntitlement | eduPerson (1) | RFC-2141 URN | to be determined per service (see Standardized values for eduPersonEntitlement) | |
urn:mace:dir:attribute-def:eduPersonPrincipalName | eduPerson (1) | UTF8 String | piet.jønsen@example.edu not.a@vålîd.émail.addreß | |
urn:mace:dir:attribute-def:isMemberOf | eduMember | RFC-2141 URN | urn:collab:org:surf.nl urn:collab:org:clarin.org | |
urn:mace:dir:attribute-def:uid | UTF8 String | s9603145 flåp@example.edu | ||
urn:mace:dir:attribute-def:preferredLanguage | List of BCP47 language tags | nl nl, en-gb;q=0.8, en;q=0.7 | ||
ORCID | urn:mace:dir:attribute-def:eduPersonORCID urn:oid:1.3.6.1.4.1.5923.1.1.1.16 | eduPerson (1) | URL registered with ORCID.org | http://orcid.org/0000-0002-1825-0097 |
ECK ID | urn:mace:surf.nl:attribute-def:eckid | SURF / Edu-K | URL conform Edu-K specification | https://ketenid.nl/spv1/eacf3765ad342...cf3a11fe9cab2365f95da3e9965501f7c98e (Attribute made shorter for readability) |
...
(1) eduPerson Object Class Specification (201602): httphttps://softwarewiki.internet2refeds.eduorg/eduperson/internet2-mace-dir-eduperson-201602.htmlpages/viewpage.action?pageId=44957738
Warning | ||
---|---|---|
| ||
There is a minimum amount of attributes to supply when you connect your IdP to SURFconext. Not supplying the attributes urn:mace:dir:attribute-def:uid and urn:mace:terena.org:attribute-def:schacHomeOrganization will cause a fatal error because those are needed to generate the NameID. Your IdP cannot be connected to SURFconext without these. Not supplying the attributes urn:mace:dir:attribute-def:displayName and urn:mace:dir:attribute-def:mail will cause a warning. A lot of services depend on these. The above mentioned are the bare minimum and will probably result in services not being able to connect to your institution. As a rule of thumb, supply the attributes as depicted on this page or those depicted in the configuration manuals on the page (Dutch) 'Handleidingen en Richtlijnen'. |
...