Page History
...
Adjust the IDP configuration to lookup and/or generate any potentially missing attributes. All
| Note | ||
|---|---|---|
| ||
...
should be able to produce the following attributes: |
- Name attributes
- displayName (
urn:oid:2.16.840.1.113730.3.1.241) - givenName (
urn:oid:2.5.4.42) - sn (
urn:oid:2.5.4.4)
- displayName (
- Identifiers
- eduPersonTargetedID (a.k.a. SAML2 persistent NameID,
urn:oid:1.3.6.1.4.1.5923.1.1.1.10) - eduPersonPrincipalName (
urn:oid:1.3.6.1.4.1.5923.1.1.1.6) - mail (
urn:oid:0.9.2342.19200300.100.1.3)
- eduPersonTargetedID (a.k.a. SAML2 persistent NameID,
- Authorization
- eduPersonScopedAffiliation (
urn:oid:1.3.6.1.4.1.5923.1.1.1.9) - eduPersonEntitlement (
urn:oid:1.3.6.1.4.1.5923.1.1.1.7)
- eduPersonScopedAffiliation (
- Organizational data
- schacHomeOrganization (
urn:oid:1.3.6.1.4.1.25178.1.2.9)
- schacHomeOrganization (
...
| Info | ||
|---|---|---|
| ||
The currently best option we have for this are Entity Categories which allow to group Service Providers by common criteria and release certain attributes to whole categories of SPs. This is a risk-based approach, enabling low-risk transactions with high benefit services. Useful categories are (more to come): |
...
To make your Identity Provider usable with Services services from other interfederated institutions contact ACOnet in order for your entity to become visible to eduGAIN (and from there to other eduGAIN-participating federations).
Overview
Content Tools
Tasks