Lehigh's SSO SAML2 Identity Provider (IDP) automatically maps account attributes which are shared with the service provider (SP) when you authenticate and login. Here are the default mappings and some examples.
| Attribute Name | English Name | Example |
|---|---|---|
| urn:oid:0.9.2342.19200300.100.1.1 | username | x057 |
| urn:oid:0.9.2342.19200300.100.1.3 | email address | x057@lehigh.edu |
| urn:oid:1.3.6.1.4.1.5923.1.1.1.6 | eppn or eduPersonPrincipalName | x057@lehigh.edu |
| urn:oid:1.3.6.1.4.1.5923.1.1.1.7 | eduPersonEntitlement | urn:mace:dir:entitlement:common-lib-terms |
| urn:oid:1.3.6.1.4.1.5923.1.1.1.1 | eduPersonAffiliation | alum, employee, member, staff, faculty, student, affiliate, library-walk-in1 |
| urn:oid:1.3.6.1.4.1.5923.1.1.1.5 | eduPersonPrimaryAffiliation | staff |
| urn:oid:2.5.4.3 | commonName | Test Account |
| urn:oid:2.16.840.1.113730.3.1.241 | displayName | Test Account |
| urn:oid:2.5.4.4 | Last Name (sn or surname) | Account |
| urn:oid:2.5.4.42 | First Name (givenName) | Test |
| urn:oid:1.3.6.1.4.1.5923.1.1.1.10 | eduPersonTargetedID | dffd47824f4baccd481469fa428231f1f6e04 |
| urn:oid:1.3.6.1.4.1.5923.1.1.1.9 | eduPersonScopedAffiliation | alum@lehigh.edu, staff@lehigh.edu, student@lehigh.edu |
| 1.3.6.1.4.1.5923.1.1.1.16 | eduPersonOrcid | http://orcid.org/0000-0002-1825-00972 |
Notes:
- Library-walk-in isn't currently used at Lehigh.
- eduPersonOrcid isn't currently included in our attributes.
A good discussion of the attributes and their mapping and usage can be found in the REFEDS eduPerson standard.