You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

(Work in progress.)

Definition

A persistent, non-reassigned, opaque identifier for a principal.
http://macedir.org/specs/eduperson/#eduPersonTargetedID

The contents of the eduPersonTargetedID attribute is a SAML 2.0 persistent NameID. This is sometimes called a "service-specific pseudonym" in that it's an opaque identifier that differs for each service a subject is accessing. I.e., Service A and Service B cannot profile (or match) subjects based on the identifier alone, as each service will know the subject by a different NameID value.

Note that saml2int recommends to transmit persistent NameIDs in the Subjectof the SAML Assertion, not as an (eduPersonTargetedID) Attribute. Our own documentation on PersistentIDs covers both cases, sending the NameID in the Assertion's Subject as well as sending it as an Attribute.

More technical information:

  • No labels