Versions Compared

Old Version 39

changes.mady.by.user Niels van Dijk

Saved on

compared with

New Version 40

changes.mady.by.user Niels van Dijk

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

which are specified in sections 8.3.7 and 8.3.8 of the SAML2 core specification.

The legacy format has the type urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, as defined in the SAML 1.1 specification. Legacy identifiers in SURFconext have the form uid@example.org.  Although these might look like email addresses, they are not, and mail sent to such addresses might not (and mostly will not) be delivered.

By default, SURFconext offers the transient form of the NameId to services.  Service providers who have a need for persistent identifiers can negotiate use of the persistent NameId format when their service is connected to SURFconext.

...

By default, the NameId is the only piece of information about the euthenticated authenticated user that SURFconext conveys to SPs.  However, in many cases these services require more information about the user, such as a name or an email address. 

...

Friendly name

Attribute name

S/M

Definition

Data type

Example

ID

(NameId)
urn:mace:dir:attribute-def:eduPersonTargetedID
urn:oid:1.3.6.1.4.1.5923.1.1.1.10

 

eduPerson

UTF8 string
(unbounded)

bd09168cf0c2e675b2def0ade6f50b7d4bb4aae

Surname

urn:mace:dir:attribute-def:sn
urn:oid:2.5.4.4

 

X.520

UTF8 string
(unbounded)

Vermeegen
?

Given name

urn:mace:dir:attribute-def:givenName
urn:oid:2.5.4.42

 

X.520

UTF8 string
(unbounded)

Mërgim Lukáš
??

Common name

urn:mace:dir:attribute-def:cn
urn:oid:2.5.4.3

 

X.520

UTF8 String
(unbounded)

Prof.dr. Mërgim Lukáš Vermeegen
? ??, PhD.

Display name

urn:mace:dir:attribute-def:displayName
urn:oid:2.16.840.1.113730.3.1.241

 

RFC2798

UTF8 String
(unbounded)

Prof.dr. Mërgim L. Vermeegen
? ??, PhD.

Email address

urn:mace:dir:attribute-def:mail
urn:oid:0.9.2342.19200300.100.1.3

 

RFC4524

RFC-5322 address
(max 256 chars)

m.l.vermeegen@university.example.org
"very.unusual.@.unusual.com"@example.com
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ef82586046fe874b-115fcf00-448544ea-88c5b4db-6fd35fffb31e2e244f634659"><ac:plain-text-body><![CDATA[mlv@[IPv6:2001:db8::1234:4321]

]]></ac:plain-text-body></ac:structured-macro>

Organization

urn:mace:terena.org:attribute-def:schacHomeOrganization
urn:oid:1.3.6.1.4.1.25178.1.2.9

 

Schac

RFC-1035 domain string

university.example.org
 

Organization Type

urn:mace:terena.org:attribute-def:schacHomeOrganizationType
urn:oid:1.3.6.1.4.1.25178.1.2.10

 

Schac

RFC-2141 URN
see Schac standard

urn:mace:terena.org:schac:homeOrganizationType:int:university
urn:mace:terena.org:schac:homeOrganizationType:es:opi

Affiliation

urn:mace:dir:attribute-def:eduPersonAffiliation
urn:oid:1.3.6.1.4.1.5923.1.1.1.1

 

eduPerson

Enum type (UTF8 String)

faculty, student, staff, (alum, member, affiliate, employee, library-walk-in)

Entitlement

urn:mace:dir:attribute-def:eduPersonEntitlement
urn:oid:1.3.6.1.4.1.5923.1.1.1.7

 

eduPerson

RFC-2141 URN
Multi-valued

to be determined per service

PrincipalName

urn:mace:dir:attribute-def:eduPersonPrincipalName
urn:oid:1.3.6.1.4.1.5923.1.1.1.6

 

eduPerson

UTF8 String
user@domain

not.a@vålîd.émail.addreß
??@aninstitutionname

isMemberOf

urn:mace:dir:attribute-def:isMemberOf
urn:oid:1.3.6.1.4.1.5923.1.5.1.1

 

eduMember

RFC-2141 URN
Multi-valued

urn:collab:org:surf.nl
urn:collab:org:clarin.org

uid

urn:mace:dir:attribute-def:uid
urn:oid:0.9.2342.19200300.100.1.1

 

RFC4519

UTF8 String
(max 256 chars)

s9603145
flåp@example.edu

preferredLanguage

urn:mace:dir:attribute-def:preferredLanguage
urn:oid:2.16.840.1.113730.3.1.39

 

RFC2798
BCP47

List of BCP47 language tags

nl
nl, en-gb;q=0.8, en;q=0.7

...