...
urn:collab:person:
= fixed prefix.{{urn:mace:terena.org:attribute-def:schacHomeOrganization}}= value of schacHomeOrganisation schacHomeOrganization attribute of the user; typically the same for all users of one institution and will be something like "institution.nl".{{urn:mace:dir:attribute-def:uid}}= value ofuidattribute of the user. Replace each "@" (at) character in the uid with an "_" (underscore) character.
...
Example: urn:collab:person:some-organisation.example.org:m1234567890
SAML Response
The result of a successful authentication is a SAML Response. Note that it does not contain an AttributeStatement and that the Assertion element is signed and that the Response element is not signed. Response signing is not currently supported by SURFsecureID, it may be added in future versions.
...
An example code for using SFO with SimpleSAMLphp can be found at: https://github.com/SURFnet/Stepup-SFO-demo