...
| Name | Email address |
|---|---|
| Description | Email address of the user. Users may have multiple email addresses, some of which were verified. A verified email address means that the GEANT AAI Service or the user’s Home IdP has taken affirmative steps to ensure that this email address was controlled by the user at the time the verification was performed. The specific verification mechanism is not defined here, but is expected to meet industry best practices. |
| SAML Attribute(s) |
|
| OIDC claim(s) |
|
| OIDC claim location | The claim is available in: ☐ ID token ☑ Userinfo endpoint ☐ Introspection endpoint |
| OIDC scope | Any of:
|
| Origin | Provided by the Identity Provider of the user or registered by the GEANT AAI Service after ownership of the email address has been verified. |
| Changes | Yes |
| Multiplicity | Single-valued |
| Availability | Optional |
| Example | jack.dougherty@example.com |
| Notes |
...