Seitenhistorie
...
Subjects may enter any profile data they want during the account registration phase, so relying on any of the data provided should only be done with extreme caution.
| Warnung | ||
|---|---|---|
| ||
The only piece of data which is verified in some sense is the email address, which will be used during account generation, so it must be deliverable and accessible to the subject registering the account – at least at the time of the account creation. |
...
| Friendly name | Formal attribute name | Description |
|---|---|---|
| givenName | urn:oid:2.5.4.42 | First name |
| sn | urn:oid:2.5.4.4 | Last name |
| displayName | urn:oid:2.16.840.1.113730.3.1.241 | "Firstname Lastname" (whitout without the quotes) |
urn:oid:0.9.2342.19200300.100.1.3 | The email address used for verification emails during account creation | |
| eduPersonPrincipalName | urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | Always of the form [a-z0-9]{7}@openidp.aco.net, i.e. seven (random) lower-case characters and/or digits + "@openidp.aco.net".The string is "random" only during generation of the account; after that the created eduPersonPrincipalName value will not change. Also, eduPersonPrincipalName values will not be re-used or re-assigned from one person to another. |
| eduPersonEntitlement (only in few cases) | urn:oid:1.3.6.1.4.1.5923.1.1.1.7 | For application owners the OpenIDP allows the provisioning of entitlement values via a proprietary API. E.g. after the u:book support team (see below) has verified someone's identity and eligibility ("studentness") status, they are able to store that fact in an entitlement specific to their services, e.g. provides/brokers). |
Services known to accept ACOnet OpenIDP identities
...
Überblick
Inhalte
Aufgabenbericht