The following is a summary of the (SAML2) attributes supported by SAFIRE.
Minimum attributes required for participation
- displayName 1
- eduPersonPrincipalName 1
- eduPersonScopedAffiliation 1
- givenName 1
- mail 1
- sn 1
- subject-id (General Purpose Subject Identifier) 2 3
Optional attributes
- eduPersonAffiliation
- eduPersonAssurance 3
- eduPersonDisplayPronouns
- eduPersonEntitlement 4
- eduPersonOrcid
- eduPersonPrimaryAffiliation
- preferredLanguage
- schacHomeOrganization 4
SAFIRE supplied attributes
- eduPersonTargetedID 1 5
- pairwise-id (Pairwise Subject Identifier)
- schacHomeOrganizationType
-
Required for Research & Scholarship entity category. ↩︎ ↩︎ ↩︎ ↩︎ ↩︎ ↩︎ ↩︎
-
subject-id
is mandatory for new identity providers that were added after 1 September 2025. It is an optional (but recommended attribute) for all other identity providers. ↩︎ -
Required for the Pseudonymous Access or Personalized Access entity categories. ↩︎ ↩︎
-
Will be generated by the Federation Operator if not supplied. ↩︎ ↩︎
-
Use of this attribute is deprecated — use the SAML2 Subject NameID instead. ↩︎