Identity Provider question
Nate Klingenstein
ndk at internet2.edu
Tue May 20 13:53:04 EDT 2014
Walter,
I am trying to get more information on Identity Provider. Is there a list of the information that Identity Provider provides about users who opt to allow us to see this information?
Any given identity provider(IdP) is operated directly by the organization that it asserts information on behalf of, so there is no one "Identity Provider". Any IdP can release as little or as much information as desired to any service. You can make a request for specific attributes but you'll need logic to handle instances where you don't get it. The attributes available generally include inetOrgPerson and eduPerson as a baseline, and many IdP's support additional attributes.
Is there any indication of what percentage of users opt to allow this service?
Most IdP's in academia operate under the principle that attribute release is a required part of delivering educational services and don't explicitly prompt the user for further consent. Some IdP's do request consent and there are widely used implementations for this for Shibboleth. We don't have any statistics regarding consent from them.
Hope this helps,
Nate.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140520/9a638eea/attachment.html
More information about the users
mailing list