User attributes
This section defines the attributes that can be made available to services
connected to the GRNET eID Proxy.
1. Unique ID
2. Person Identifier
| attribute name | Person Identifier |
|---|
| description | The user's person identifier |
| SAML Attribute(s) | - |
| OIDC scope | profile |
| OIDC claim(s) | person_identifier |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by the eIDAS Node from which the user is authenticating |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Always (for natural person authentication through eIDAS) |
| example | CA/CA/UniqueId1 |
| notes | Any service that consumes assertions of identity must assume that the Unique Identifier presented for a particular person may change over time e.g. where the user's digital identity is replaced or repaired. This should be handled by a consuming service using the same matching process as used when an identity is first encountered utilising the Minimum Data Set to identify the Principal within the service. |
| status | Stable |
3. Given Name
| attribute name | Given Name |
|---|
| description | The user's first name |
| SAML Attribute(s) | urn:oid:2.5.4.42 (givenName) |
| OIDC scope | profile |
| OIDC claim(s) | given_name |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Always (for natural person authentication through eIDAS) |
| example | John |
| notes | - |
| status | Stable |
4. Family Name
| attribute name | Family Name |
|---|
| description | The user's last name |
| SAML Attribute(s) | urn:oid:2.5.4.4 (sn) |
| OIDC scope | profile |
| OIDC claim(s) | family_name |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Always (for natural person authentication through eIDAS) |
| example | Doe |
| notes | - |
| status | Stable |
5. Birth Date
| attribute name | Birth Date |
|---|
| description | The user's birth date |
| SAML Attribute(s) | urn:oid:1.3.6.1.4.1.25178.1.2.3 (schacDateOfBirth) |
| OIDC scope | profile |
| OIDC claim(s) | birth_date |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Always (for natural person authentication through eIDAS) |
| example | 1965-01-01 |
| notes | - |
| status | Stable |
6. Legal Name
| attribute name | Legal Name |
|---|
| description | The user's legal name |
| SAML Attribute(s) | - |
| OIDC scope | legal_profile |
| OIDC claim(s) | legal_name |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Always (for legal person authentication through eIDAS) |
| example | Legal Name 1 |
| notes | - |
| status | Stable |
7. Legal Person Identifier
| attribute name | Legal Name |
|---|
| description | The user's legal person identifier |
| SAML Attribute(s) | - |
| OIDC scope | legal_profile |
| OIDC claim(s) | legal_person_identifier |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Always (for legal person authentication through eIDAS) |
| example | CA/CA/UniqueId1 |
| notes | - |
| status | Stable |
8. Legal Address
| attribute name | Legal Name |
|---|
| description | The current address for the natural person as registered with the eIDAS Member State authority. |
| SAML Attribute(s) | - |
| OIDC scope | legal_address |
| OIDC claim(s) | legal_address |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Only when released by the eIDAS Node from which the legal person is authenticating |
| example | PGVpZGFzLWxlZ2FsOkZ1bGxDdmFkZHJlc3M+TGVnYWwgYWRkcmVzczwvZWlkYXMtbGVnYWw6RnVsbEN2YWRkcmVzcz4K |
| notes | Address data is structured as an XML sequence of xsd:string elements. This data is base64 encoded. |
| status | Stable |
9. Vat Registration
| attribute name | Vat Registration |
|---|
| description | The user's vat registration number |
| SAML Attribute(s) | - |
| OIDC scope | vat_registration |
| OIDC claim(s) | vat_registration |
| OIDC claim location | Userinfo endpoint |
| origin | Provided by user's Identity Provider |
| changes | Yes |
| multiplicity | Single-valued |
| availability | Only when released by the eIDAS Node from which the legal person is authenticating |
| example | 12345 |
| notes | - |
| status | Stable |