User attributes
This section defines the attributes that can be made available to services
connected to the GRNET eID Proxy.
1. Unique ID
2. Person Identifier
attribute name | Person Identifier |
---|
description | The user's person identifier |
SAML Attribute(s) | - |
OIDC scope | profile |
OIDC claim(s) | person_identifier |
OIDC claim location | Userinfo endpoint |
origin | Provided by the eIDAS Node from which the user is authenticating |
changes | Yes |
multiplicity | Single-valued |
availability | Always (for natural person authentication through eIDAS) |
example | CA/CA/UniqueId1 |
notes | Any service that consumes assertions of identity must assume that the Unique Identifier presented for a particular person may change over time e.g. where the user's digital identity is replaced or repaired. This should be handled by a consuming service using the same matching process as used when an identity is first encountered utilising the Minimum Data Set to identify the Principal within the service. |
status | Stable |
3. Given Name
attribute name | Given Name |
---|
description | The user's first name |
SAML Attribute(s) | urn:oid:2.5.4.42 (givenName) |
OIDC scope | profile |
OIDC claim(s) | given_name |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Always (for natural person authentication through eIDAS) |
example | John |
notes | - |
status | Stable |
4. Family Name
attribute name | Family Name |
---|
description | The user's last name |
SAML Attribute(s) | urn:oid:2.5.4.4 (sn) |
OIDC scope | profile |
OIDC claim(s) | family_name |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Always (for natural person authentication through eIDAS) |
example | Doe |
notes | - |
status | Stable |
5. Birth Date
attribute name | Birth Date |
---|
description | The user's birth date |
SAML Attribute(s) | urn:oid:1.3.6.1.4.1.25178.1.2.3 (schacDateOfBirth) |
OIDC scope | profile |
OIDC claim(s) | birth_date |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Always (for natural person authentication through eIDAS) |
example | 1965-01-01 |
notes | - |
status | Stable |
6. Legal Name
attribute name | Legal Name |
---|
description | The user's legal name |
SAML Attribute(s) | - |
OIDC scope | legal_profile |
OIDC claim(s) | legal_name |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Always (for legal person authentication through eIDAS) |
example | Legal Name 1 |
notes | - |
status | Stable |
7. Legal Person Identifier
attribute name | Legal Name |
---|
description | The user's legal person identifier |
SAML Attribute(s) | - |
OIDC scope | legal_profile |
OIDC claim(s) | legal_person_identifier |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Always (for legal person authentication through eIDAS) |
example | CA/CA/UniqueId1 |
notes | - |
status | Stable |
8. Legal Address
attribute name | Legal Name |
---|
description | The current address for the natural person as registered with the eIDAS Member State authority. |
SAML Attribute(s) | - |
OIDC scope | legal_address |
OIDC claim(s) | legal_address |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Only when released by the eIDAS Node from which the legal person is authenticating |
example | PGVpZGFzLWxlZ2FsOkZ1bGxDdmFkZHJlc3M+TGVnYWwgYWRkcmVzczwvZWlkYXMtbGVnYWw6RnVsbEN2YWRkcmVzcz4K |
notes | Address data is structured as an XML sequence of xsd:string elements. This data is base64 encoded. |
status | Stable |
9. Vat Registration
attribute name | Vat Registration |
---|
description | The user's vat registration number |
SAML Attribute(s) | - |
OIDC scope | vat_registration |
OIDC claim(s) | vat_registration |
OIDC claim location | Userinfo endpoint |
origin | Provided by user's Identity Provider |
changes | Yes |
multiplicity | Single-valued |
availability | Only when released by the eIDAS Node from which the legal person is authenticating |
example | 12345 |
notes | - |
status | Stable |