OpenConext / OpenConext-myconext

A (guest) IdP for OpenConext
https://eduid.nl/

Authentication contexts #286

Closed phavekes closed 4 days ago

phavekes commented 4 days ago

This issue is imported from pivotal

SPs can request a certain trust-level when users are logging in at eduID using the AuthnContextClassRef.

```xml
<samlp:RequestedAuthnContext Comparison="exact">
   <saml:AuthnContextClassRef>https://eduid.nl/trust/linked-institution</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
```

EB passes this attribute to the IdP and if the SP requests an account-link using the value https://eduid.nl/trust/linked-institution then eduID checks if the user is linked to an institution. If not then the user is asked to do so. When the account is linked the return value in the AuthenticationContextClassReference from the eduID response contains the value https://eduid.nl/trust/linked-institution.

```xml
<saml:AuthnContext>
  <saml:AuthnContextClassRef>https://eduid.nl/trust/linked-institution</saml:AuthnContextClassRef>
</saml:AuthnContext>
```

In OIDC-NG this value ends-up in the acr-claim.

The SP also receives a scopedAffiliation with the value linked-institution@eduid.nl. In Manage the ARP can be configured per SP as to pass on the filtered scoped affiliations.

When a user links his eduID account to an institution account some info is added to his eduID profile:

Multiple links to multiple IdPs can be made. In the account-gui application all links are shown, and can be added, deleted or refreshed.
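The exchange described above, as an added example that is not part of the issue or of the OpenConext code base: an SP that asks for the `https://eduid.nl/trust/linked-institution` class with `Comparison="exact"` must verify that the returned assertion actually carries that class, rather than assuming the login happened at the requested level. The SAML responses below are constructed samples (no signature; in a real deployment the signature is verified before any of these checks), and the attribute names used for eduPersonScopedAffiliation are the standard OID and MACE forms.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# SAML 2.0 assertion and protocol namespaces.
NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
}

# Values taken from the issue text.
LINKED_INSTITUTION_ACR = "https://eduid.nl/trust/linked-institution"
LINKED_INSTITUTION_AFFILIATION = "linked-institution@eduid.nl"

# eduPersonScopedAffiliation as delivered under its OID or MACE name.
SCOPED_AFFILIATION_NAMES = {
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.9",
    "urn:mace:dir:attribute-def:eduPersonScopedAffiliation",
}


def build_requested_authn_context(acr: str) -> str:
    """Render the RequestedAuthnContext element the SP places in its AuthnRequest."""
    return (
        '<samlp:RequestedAuthnContext Comparison="exact" '
        f'xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}">'
        f"<saml:AuthnContextClassRef>{escape(acr)}</saml:AuthnContextClassRef>"
        "</samlp:RequestedAuthnContext>"
    )


def extract_acrs(response_xml: str) -> list:
    """Return the AuthnContextClassRef of every AuthnStatement ('' where absent)."""
    root = ET.fromstring(response_xml)
    acrs = []
    for stmt in root.findall(".//saml:AuthnStatement", NS):
        ref = stmt.find("saml:AuthnContext/saml:AuthnContextClassRef", NS)
        acrs.append((ref.text or "").strip() if ref is not None else "")
    return acrs


def satisfies_requested_context(response_xml: str, requested_acr: str) -> bool:
    """Exact comparison: there is at least one AuthnStatement and every one of
    them states exactly the requested class. A missing or different class means
    the IdP did not (or could not) honour the request, so the answer is False."""
    acrs = extract_acrs(response_xml)
    return bool(acrs) and all(acr == requested_acr for acr in acrs)


def extract_scoped_affiliations(response_xml: str) -> list:
    """Collect eduPersonScopedAffiliation values; the ARP may filter these, so
    they corroborate the ACR but are not the basis of the trust decision."""
    root = ET.fromstring(response_xml)
    values = []
    for attr in root.findall(".//saml:Attribute", NS):
        if attr.get("Name") in SCOPED_AFFILIATION_NAMES:
            for value in attr.findall("saml:AttributeValue", NS):
                values.append((value.text or "").strip())
    return values


def _sample_response(acr: str, affiliation: str) -> str:
    """Constructed, unsigned sample response used only for this example."""
    return f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}" ID="_constructed" Version="2.0">
  <saml:Assertion ID="_constructed-assertion" Version="2.0">
    <saml:AuthnStatement>
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>{acr}</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9">
        <saml:AttributeValue>{affiliation}</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""


# A login where the account was linked, and one where only a password login took place.
LINKED_RESPONSE = _sample_response(LINKED_INSTITUTION_ACR, LINKED_INSTITUTION_AFFILIATION)
UNLINKED_RESPONSE = _sample_response(
    "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", "affiliate@eduid.nl"
)
# A malformed response with no AuthnStatement at all (constructed edge case).
NO_CONTEXT_RESPONSE = (
    f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}">'
    "<saml:Assertion/></samlp:Response>"
)

if __name__ == "__main__":
    print(build_requested_authn_context(LINKED_INSTITUTION_ACR))
    for name, resp in [("linked", LINKED_RESPONSE), ("unlinked", UNLINKED_RESPONSE),
                       ("no-context", NO_CONTEXT_RESPONSE)]:
        ok = satisfies_requested_context(resp, LINKED_INSTITUTION_ACR)
        print(f"{name}: acr ok={ok}, affiliations={extract_scoped_affiliations(resp)}")
```

The decision rests on the AuthnContextClassRef alone, because the scoped affiliation can be filtered out by the ARP in Manage; an OIDC-NG relying party applies the same rule to the `acr` claim.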

phavekes commented 4 days ago

~~todo: adjust 2 ACRs: first name/last name affiliation~~ Added givenname/surname to the attributes to be saved in the profile (Peter Havekes - Jun 4, 2020)

phavekes commented 4 days ago

@phavekes Do you mean by that that we are going to overwrite the first name and last name the user entered themselves with those from the IdP? And what if a second IdP is added? (Okke Harsta - Jun 4, 2020)

phavekes commented 4 days ago

@okkeh No, not overwrite, but store it additionally in the profile as, for example, verified-surname (Peter Havekes - Jun 4, 2020)

phavekes commented 4 days ago

Updated ACR descriptions are here: https://wiki.surfnet.nl/x/qgQiAg (Peter Havekes - Jun 9, 2020)