Versions Compared

Old Version 7

changes.mady.by.user Peter Brand

Saved on

compared with

New Version 8

changes.mady.by.user Peter Brand

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

(Work in progress.)

Info
iconfalse
titleDefinition

A persistent, non-reassigned, opaque identifier for a principal.
http://macedir.org/specs/eduperson/#eduPersonTargetedID

The contents of the eduPersonTargetedID attribute is a SAML 2.0 persistent NameID. This is sometimes called a "service-specific pseudonym" in that it's an opaque identifier that differs for each service a subject is accessing. I.e., Service A and Service B cannot profile (or match) subjects based on the identifier alone, as each service will know the subject by a different NameID value.

Note that saml2int recommends  (the SAML deployment profile used in the global Research & Education community) recommends to transmit persistent NameIDs in the Subjectof the SAML Assertion, not as an (eduPersonTargetedID) Attribute. Our own documentation on PersistentIDs covers both cases, sending the NameID in the Assertion's Subject as well as sending it as an eduPersonTargetedID Attribute.

More technical information:

...