Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

For mapping SAML to OIDC we use the REFEDS OIDCre  'OpenID Connect SAML mapping' specification (also see https://github.com/surfnet-niels/refeds-oidcre-saml-oidc-mapping/blob/master/refeds-oidcre-oidc-saml-mapping.md ).

Attribute candidates

The following attributes are identified as possible candidates, but it has not been decided whether to incorporate them:

  • 'eduPersonUniqueId', 'urn:oid:1.3.6.1.4.1.5923.1.1.1.13'
  • 'eduPersonOrcid', 'urn:oid:1.3.6.1.4.1.5923.1.1.1.16'
  • 'cn', 'urn:oid:2.5.4.3'
  • 'description', 'urn:oid:2.5.4.13'
  • 'facsimileTelephoneNumber', 'urn:oid:2.5.4.23'
  • 'l', 'urn:oid:2.5.4.7'
  • 'labeledURI', 'urn:oid:1.3.6.1.4.1.250.1.57'
  • 'mobile', 'urn:oid:0.9.2342.19200300.100.1.41'
  • 'o', 'urn:oid:2.5.4.10'
  • 'ou', 'urn:oid:2.5.4.11'
  • 'postalCode', 'urn:oid:2.5.4.17'
  • 'st', 'urn:oid:2.5.4.8'
  • 'street', 'urn:oid:2.5.4.9'
  • 'telephoneNumber', 'urn:oid:2.5.4.20'
  • 'title', 'urn:oid:2.5.4.12'
  • 'schacPersonalTitle', 'urn:oid:1.3.6.1.4.1.25178.1.2.8'

How we supply group information to SP's

...