...
- The user’s email address is a poor choice for
eduPersonPrincipalName
asserted by a gateway. - The OpenID Connect subject identifier (sub) more accurately maps to
eduPersonTargetedID
oreduPersonUniqueId
, noteduPersonPrincipalName
. - For a social gateway, the recommended value of
eduPersonPrincipalName
is
whereWiki Markup Div {div:style= style margin-top:1.5ex; }{
}No Format
{noformat}{div}user+domain1@social_idp.domain2
user@domain1
is the email address of the user,social_idp
is the name of the social provider, anddomain2
is a domain owned by the organization that owns and operates the gateway.
...