Data Attributes Available via Shibboleth
This page is being updated and refined - the information on it is not yet considered to be "official". Thanks for your understanding!
The following is a list of popular attributes available form UCLA's Shibboleth Identity Provider.
Basic "Person" Attributes
Attributes Defined in eduPerson
eduPerson is a LDAP object class that includes widely-used person attributes in higher education. eduPerson attributes are typically made available via a Shibboleth Identity Provider.
- eduPersonAffiliation
- eduPersonEntitlement
- eduPersonNickname
- eduPersonOrgDN
- eduPersonOrgUnitDN
- eduPersonPrimaryAffiliation
- eduPersonPrimaryOrgUnitDN
- eduPersonPrincipalName
- eduPersonScopedAffiliation
- eduPersonTargetedID
Attributes Defined by UCTrust
- UCnetID (urn:oid:2.16.840.1.113916.1.1.4.1)
- UCTrustAssurance (urn:oid:2.16.840.1.113916.1.1.5)
- UCCampusEmployeeID (urn:oid:2.16.840.1.113916.1)
- UCTrustShortCampusID (urn:oid:2.16.840.1.113916.1.1.7)
Details about the UCTrust Common Identity Attributes can be found here
Additional UCLA-specific Attributes
In addition to the above attributes, the UCLA Enterprise Directory hosts a number of additional attributes. These attributes are available to campus applications upon access approval. Visit the AvailableEDAttributes page for a complete listing.
3 Comments
Wu, Albert
the document needs serious update to reflect current set of available attributes. it should also better integrate with the shibboleth support documentation.
Phillabaum, Paul
Also, urn:mace is deprecated in saml 2.0. It would be nice if this page was updated as well the ucla attribute-map file over at https://spaces.ais.ucla.edu/display/iamuclabetadocs/Shib2Config-LinuxApache-attribute-map.xml
Daniel Tran
Paul,
here's the link i found for what you mentioned above: http://www.incommonfederation.org/attributesummary.html