Depending on which protocol the IdP is using, SAML or OIDC, attributes need to be released in the following format, respectively.
SAML Attribute Names
SAML Attributes MUST be sent using urn:oasis:names:tc:SAML:2.0:attrname-format:uri NameFormat. Below is the list of the canonical names of the SAML attributes:
| Attribute | SAML Attribute Name | SAML Attribute Friendly Name |
|---|---|---|
| Subject ID | urn:oasis:names:tc:SAML:attribute:subject-id | subject-id |
| Pairwise ID | urn:oasis:names:tc:SAML:attribute:pairwise-id | pairwise-id |
| Community Identifier | urn:oid:1.3.6.1.4.1.25178.4.1.6 | voPersonID |
urn:oid:0.9.2342.19200300.100.1.3 | ||
| Common Name | urn:oid:2.5.4.3 | cn |
| Given Name | urn:oid:2.5.4.42 | givenName |
| Family Name | urn:oid:2.5.4.4 | surname |
| Affiliation |
| eduPersonScopedAffiliation voPersonExternalAffiliation |
| Home Organization | urn:oid:1.3.6.1.4.1.25178.1.2.9 | schacHomeOrganization |
| Assurance | urn:oid:1.3.6.1.4.1.5923.1.1.1.11 | eduPersonAssurance |
OIDC Claim Names
| Attribute | OIDC Claim |
|---|---|
| Subject ID | subject-id |
| Community Identifier | voperson_id |
| Display Name | name |
| Given Name | given_name |
| Family Name | familty_name |
| Affiliation | eduperson_scoped_affiliation voperson_external_affiliation |
| Home Organization | schac_home_organization |
| Assurance | eduperson_assurance |