Shared practice recommendations
It would be to all our benefits if we could agree to follow the same conventions to the extent feasible with regard to attribute and value syntax and semantics across implementations. That is, it would be good if Google and Twitter were known by the same identifier whether one was using the UT System gateway, the Penn State Gateway, or a native SP backdoor approach. To the extent we can converge on common practices, it will be easier for adopters of one solution to migrate to another if needed.
The first step would be to identify which items of information would benefit from standardization. A discussion starter list follows below:
Item |
Description |
Proposed syntax |
---|---|---|
Gateway Identifier |
A value that uniquely identifies the gateway used (if any) |
URI |
Social Provider Identifier |
A value that uniquely identifies one of the social providers (e.g., one for Google, Facebook, Twitter, Yahoo,....) |
URI |
Display Name |
A human-friendly representation of the authenticated user's name |
ePDisplayName |
Given Name |
|
givenName |
Surname |
A surname or surname component |
sn |
Principal Name |
A scoped user identifier |
ePPrincipalName |
Email Address |
The user's email |
|
Persistent Identifier |
A unidirectional identifier, unique to a triple of IdP, SP and user |
ePTargetedId |
|
|
|