Table of Contents
...
UH Identity Provider Service Values for Service Providers
Service Providers require the following information so that their SP is able to interface successfully with the UH Identity Provider service.
IdP Info | UH Value | Notes |
---|---|---|
Identity Provider EntityID | Production Environment (and metadata source URL) | |
Identity Provider EntityID | Test Environment (and metadata source URL) | |
Administrator Email Address | ||
UH is considered to be an Identity Provider. |
Attribute Release Practices
...
Service Provider Test Environments Recommended
It is recommended that a test environment for the service provider be available to test candidate configurations in our UH identity provider test environment to ensure everything meets expectations before deployment to our production environment. If unable to test candidate configurations in our test environment first, we are capable of deploying candidates directly to our production environment, but change management procedures constrain this and limits how quickly we can test and deploy any necessary changes.
It is also highly recommended that a service provider test environment be generally available beyond the initial service deployment. When the Shibboleth IdP is upgraded as necessary, An SP test environment will provide a means to test against any new integration changes before the new versions are deployed to our production Identity Provider environment.
Released Attributes
The attributes are released as specified by the attribute release policy set up for each SP. Below is a subset of the available attributes. UH generally uses the eduPerson schema.
Attribute | Description | Example Data | Additional Info |
---|---|---|---|
Common Name | Jane Doe | ||
Surname | Doe | ||
Given name | Jane | ||
Preferred form of name for display | J. Doe |
|
| |||
Campus affiliation | student | ||
Campus affiliation @ scope (hawaii.edu) | student@hawaii.edu | ||
eduPersonPrincipalName (ePPN) | UH Username '@' scope (hawaii.edu) | jdoe@hawaii.edu |
|
eduPersonTargetedID (ePTID) | An opaque, persistent unique id for each person for each Service Provider. | yWuV78oU5z65ulepbaOCsrjHMtI= |
|
| |||
Email address | jdoe@hawaii.edu |
| |
UH Number | 12341234 |
| |
UH Username | jdoe |
| |
Organizational affiliations by role | eduPersonOrgDn=kauaicc,eduPersonAffiliation=faculty |
| |
Name used to AuthN to the IdP | jdoe |
|
More comprehensive information regarding for these attributes may be found here:
InCommon Federation Default Attribute Bundle
We release the following attributes by default to members of the InCommon Federation:
displayName (if available)
References
A good SAML primer
...