DMPRoadmap / roadmap

DCC/UC3 collaboration for a data management planning tool
MIT License

Metadata for https://dmponline-test.dcc.ac.uk/shibboleth does not include any RequestedAttribute elements #348

Closed alexstuart closed 7 years ago

alexstuart commented 7 years ago

Some federations require that you register RequestedAttribute elements in your metadata so that IdPs can determine attribute release policies. The test SP doesn't include any. See the UK federation's documentation on RequestedAttributes.

The application appears to need only a persistent identifier to create a federated account. But the code at https://github.com/DMPRoadmap/roadmap/blob/master/config/initializers/omniauth.rb mentions a number of other attributes (eppn, scoped and unscoped affiliation, entitlement, mail) which should be added as RequestedAttribute elements if they are being used by the application.

vyruss commented 7 years ago

@alexstuart this configuration is not used in production.

alexstuart commented 7 years ago

Fair enough about not using the configuration. However, you will still need RequestedAttribute elements registered in metadata if you want to interoperate with IdPs registered in a federation that require them. DFN-AAI (Germany) and Edugate (Ireland) are two federations that spring to mind. And since the metadata for this SP goes worldwide, it's good practice to register these elements in metadata.
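The check discussed in this thread can be automated. The following is an added example, not part of the thread or of the DMPRoadmap code: it parses SP metadata and lists which of the attributes named in the issue have no RequestedAttribute element. The sample metadata, the `sp.example.org` entity and the mapping of "persistent identifier" to eduPersonTargetedID are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
URI = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

# Attributes mentioned in the issue, by their standard urn:oid names.
# Assumption: the "persistent identifier" is released as eduPersonTargetedID.
EXPECTED = {
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.10": "eduPersonTargetedID",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": "eduPersonScopedAffiliation",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.1": "eduPersonAffiliation",
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.7": "eduPersonEntitlement",
    "urn:oid:0.9.2342.19200300.100.1.3": "mail",
}

def requested_attributes(metadata_xml):
    """Map each RequestedAttribute Name in the SP metadata to its isRequired flag."""
    root = ET.fromstring(metadata_xml)  # parse only metadata from a trusted source
    path = ".//md:SPSSODescriptor/md:AttributeConsumingService/md:RequestedAttribute"
    return {el.get("Name"): el.get("isRequired", "false") in ("true", "1")
            for el in root.findall(path, NS)}

def missing_attributes(metadata_xml, expected=EXPECTED):
    """Friendly names of expected attributes the metadata does not request."""
    declared = requested_attributes(metadata_xml)
    return sorted(name for oid, name in expected.items() if oid not in declared)

# Constructed metadata for a hypothetical SP with no RequestedAttribute elements.
SAMPLE_BARE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.org/shibboleth">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.org/Shibboleth.sso/SAML2/POST"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

# The same constructed SP after two attributes have been declared.
SAMPLE_DECLARED = SAMPLE_BARE.replace("</md:SPSSODescriptor>", f"""  <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">Example SP</md:ServiceName>
      <md:RequestedAttribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" NameFormat="{URI}" isRequired="true"/>
      <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="{URI}"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>""")

if __name__ == "__main__":
    for label, doc in (("bare", SAMPLE_BARE), ("declared", SAMPLE_DECLARED)):
        print(label, "missing:", missing_attributes(doc))
```

Trim `EXPECTED` to the attributes the application actually consumes before using the result to decide what to register, so the metadata does not request more than the SP needs.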