Page tree
Skip to end of metadata
Go to start of metadata

User attributes are released only to registered SAML Service Providers and Federation affiliates and only upon successful authentication by the user. Attribute release is subject to notification or approval of the Office of Information Security.

 
* Attribute released by default to any service provider.

** Attribute release to inCommon federation

*** CAS user attribute


CAS User

The default CAS user attribute is normalized to the upscoped NinerNet username (UID). However this value can be overridden on a per-service basis with any of the attributes below appropriate for user identification.

Attribute

Attribute Format

Attribute Description

AD Attribute

Name Identifiers

NinerNET *urn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedusernamesamaccountname
Email urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddressjdoe@uncc.edu (scoped samaccountname)
samaccountname
Common UNC Charlotte Attributes
givenName * **urn:oid:2.5.4.42first name (legal or preferred if exists)

givenname

surname * **urn:oid:2.5.4.4last name (legal or preferred if exists)

sn

displayName * **urn:oid:2.16.840.1.113730.3.1.241full name "surname, givenName"

displayname

mail * **urn:oid:0.9.2342.19200300.100.1.3email address - jdoe@uncc.edu (alias if exists)

mail

UID * ***urn:oid:0.9.2342.19200300.100.1.1username

samaccountname

universityID * **urn:mace:uncc.edu:dir:attribute-def:universityID800555555

employeenumber

commonName *urn:oid:2.5.4.3username

cn

titleurn:oid:2.5.4.12Faculty/Staff, Student, Emeritus, Affiliatetitle
UDCIDurn:mace:uncc.edu:dir:attribute-def:udcidBanner UDCID

ExtensionAttribute6

bannerRoles

urn:mace:uncc.edu:dir:attribute-def:bannerRoles

user role(s) - as defined in Banner (STUDENT, FACULTY, EMPLOYEE, EMERITUS, SPONSORED, PRE_EMPLOYEE, etc)ExtensionAttribute3

memberof

urn:oid:1.3.6.1.4.1.5923.1.5.1.1

Active directory group membership

memberof

employeeJobCode

urn:mace:uncc.edu:dir:attribute-def:employeeJobCode

Banner employee class codeextensionattribute10

eduPerson Attributes (InCommon)

eduPersonPrincipalName * **urn:oid:1.3.6.1.4.1.5923.1.1.1.6ninernet@uncc.edu

samaccountname

eduPersonTargetedID * **urn:oid:1.3.6.1.4.1.5923.1.1.1.10A persistent, non-reassigned, privacy-preserving identifier for a user shared between an IdP and SP.
eduPersonAffiliationurn:oid:1.3.6.1.4.1.5923.1.1.1.1staff,faculty,student,affiliate (defaults to affiliate, student only if taking classes)

extensionattribute15

eduPersonNicknameurn:oid:1.3.6.1.4.1.5923.1.1.1.2givenName - first name (legal or preferred if exists)givenname
eduPersonScopedAffiliation * **urn:oid:1.3.6.1.4.1.5923.1.1.1.9

staff@uncc.edu,faculty@uncc.edu,student@uncc.edu,affiliate@uncc.edu


UNC GA Attributes

campusPermanentId *urn:oid:1.3.6.1.4.1.32548.1.1.2800555555@uncc.edu
logoutURL *federation.northcarolina.edu.logouturlhttps://webauth.uncc.edu/idp/profile/Logout




  • No labels