IdP Home Consent Withdrawal Test Login Attributes Tech Details RU IdM SAFIRE

Identity Provider Attributes

The following user attributes are supported by this identity provider:

Attribute Name	Description	Example value	SAFIRE
eduPersonTargetedID	Persistent pseudonymous ID (remains constant on each login, but is different for each service provider)	6a70ed71d5a84a66e4fbf8bddf1cd78af6c5b5cd	No
uid	Rhodes username	s2400000	No
eduPersonPrincipalName	Cross-institutional form of Rhodes username (usually matches eduroam username)	s2400000@wf.ru.ac.za	Yes
sn	Surname or family name	Jørgensen	Yes
givenName	Given name(s), typically a legal name	Benjamin Vuyo	No
eduPersonNickname	Preferred name or nick name (what the person is usually known as)	Ben	Yes
displayName	Name formated for display	Ben Jørgensen	Yes
mail	Rhodes email address	B.V.Jorgensen@ru.ac.za	Yes
employeeNumber	Rhodes employee or student number (student number is not set by default)	2400000	Yes
preferredLanguage	Preferred language (currently only set from login interface)	en	Yes
eduPersonPrimaryAffiliation	Primary affiliation at Rhodes (currently eDirectory context)	staff	Yes
eduPersonAffiliation	Affiliation(s) (currently only based on eDirectory context)	staff member	Yes
eduPersonScopedAffiliation	Institutionally scoped version of eduPersonAffiliation	staff@ru.ac.za member@ru.ac.za	Yes
isMemberOf	Group membership (currently from eDirectory)	Information & Technology Services VPN Users	No
o	Organisation name	Rhodes University	No
schacHomeOrganization	Machine-readable form of the organisation name	ru.ac.za	Yes
schacHomeOrganizationType	Machine-readable description of organisation	…:int:university	No

Notes

Note that the presence of an attribute in the list above does not imply it will be available to a service provider. We practice minimal release, and each service provider needs to justify the attributes then require.
Attribute names like this are released by default, and are the only attributes that do not require specific motivation.
Example values like this are static and set by the IdP (they do not vary from user to user)
Attributes are released in URN:OID format using standard OIDs (as in the sample attribute-map.xml).
Attributes marked Yes in the SAFIRE column are released to the South African Identity Federation when connecting to a federated service provider, and SAFIRE handle consent and manage attribute release policies on our behalf.