...
| Name | User Identifier |
|---|---|
| Description | The User Identifier is an opaque and non-revocable identifier (i.e. it cannot change over time). The User Identifier has a limit of 255 characters |
| SAML Attribute(s) | - urn:oasis:names:tc:SAML:attribute:subject-id |
| OIDC claim(s) | sub (public) |
| OIDC claim location | The claim is available in: ☑ ID token ☑ Userinfo endpoint ☐ Introspection endpoint |
| OIDC scope | openid |
| Origin | Assigned to the user by the GEANT SP Proxy |
| Changes | No |
| Multiplicity | Single-valued |
| Availability | Mandatory |
| Example | E413E5B2-1439-42DA-A7ED-23444DDD0E5B@aai.geant.org |
| Notes | The User Identifier and Username “test@aai.geant.org” are test accounts reserved for testing and monitoring the proper functioning. The Relying parties should not authorise it to access any valuable resources. |
...