...
| Table of Contents | ||
|---|---|---|
|
...
Community User Identifier
| Name | eduTEAMS Community User Identifier |
|---|---|
| Description | User’s Community Identifier is an opaque and non-revocable identifier (i.e. it cannot change over time) that follows the syntax of eduPersonUniqueId attribute of eduPerson. It consists of “uniqueID” part and fixed scope “eduteams.org”, separated by at sign. The uniqueID part contains up to 64 hexadecimal digits (a-f, 0-9) |
| SAML Attribute(s) | - 1.3.6.1.4.1.5923.1.1.1.13 (eduPersonUniqueId) - urn:oasis:names:tc:SAML:attribute:subject-id |
| OIDC claim(s) | sub (public) |
| OIDC claim location | The claim is available in: ☑ ID token ☑ Userinfo endpoint ☐ Introspection endpoint |
| OIDC scope | openid |
| Origin | eduTEAMS assigns this attribute to a user when they register on the Service |
| Changes | No |
| Multiplicity | Single-valued |
| Availability | Mandatory |
| Example | 28c5353b8bb34984a8bd4169ba94c606@eduteams.org |
| Notes | eduPerson defines the comparison rule caseIgnoreMatch for eduPersonUniqueID. Relying services are encouraged to validate the scope of this attribute against the values permitted for eduTEAMS. eduTEAMS makes exclusive use of scope eduteams.org“. The eduTEAMS identifier and username “test@eduteams.org” are test accounts reserved for testing and monitoring the proper functioning of the eduTEAMS Login. The Relying parties should not authorise it to access any valuable resources. |
...