AAF Core Attributes


The following is the list of core attributes used within the AAF. AAF Identity Providers need to collect or generate the core attributes regarding their end users. When an end user tries to access a service via the federation, the Service Provider may request some or all of these attributes about the end user from the Identity Provider. With end user permission, the Identity Provider may release the attributes to the Service Provider.

Core Attributes: Identifiers, Entitlements, Name, Affiliation, Assurance, Email

The attributes are used by the Service Provider to make authorisation decisions and to manage the user’s experience with the service. Service Providers should consider which attributes they need in order to provide the service effectively and only request those attributes that are needed. The list of core attributes may evolve over time in response to the needs of the AAF participants.

| Attribute | Example Value |
|---|---|
| auEduPersonSharedToken | ZsiAvfxa0BXULgcz7QXknbGtfxk |
| displayName | Jack Dougherty |
| eduPersonAffiliation | Faculty |
| eduPersonEntitlement | urn:mace:washington.edu:confocalMicroscope |
| | http://www.sirca.org.au/contract/GL123 |
| eduPersonScopedAffiliation | faculty@uq.edu.au |
| | faculty@imb.uq.edu.au |
| | student@law.uq.edu.au |
| eduPersonTargetedID | 7eak0QQIEhygtPXtpgmu5l5hRnY |
| AuthenticationMethod | urn:mace:aaf.edu.au:iap:authN:level1 |
| eduPersonAssurance | urn:mace:aaf.edu.au:iap:ID:level2 |
| cn | Jack Liam Dougherty |
| o | The University of Queensland |
| mail | j.dougherty@uq.edu.au |

[List of Core Attributes as documented in Appendix 1 of the Federation Rules for Participants]
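The following is an added example, not AAF or project code, of a Service Provider making an authorisation decision from released core attributes while tolerating attributes the end user declined to release. It assumes attributes arrive as strings with multiple values joined by ";"; the `REQUESTED` set, the `POLICY` rules and the function names are hypothetical, and the sample values are the ones from the table above.

```python
# Added example: SP-side authorisation from released AAF core attributes.
# Assumptions: attributes arrive as name -> string, multi-valued attributes are
# joined by ";" (a literal ";" escaped as "\;"); REQUESTED and POLICY are hypothetical.
import re

REQUESTED = {"eduPersonTargetedID", "eduPersonScopedAffiliation", "eduPersonEntitlement"}
POLICY = {
    "eduPersonEntitlement": {"urn:mace:washington.edu:confocalMicroscope"},
    "eduPersonScopedAffiliation": {"faculty@uq.edu.au", "staff@uq.edu.au"},
}

def split_values(raw):
    """Split a ';'-joined attribute string into its values, honouring '\\;' escapes."""
    parts = re.split(r"(?<!\\);", raw)
    return [p.replace("\\;", ";").strip() for p in parts if p.strip()]

def authorise(released):
    """Return an allow/deny decision using only the attributes the service requested."""
    unrequested = sorted(set(released) - REQUESTED)  # released but never asked for
    attrs = {n: split_values(v) for n, v in released.items() if n in REQUESTED}
    result = {"allow": False, "user": None, "reason": "", "unrequested": unrequested}

    # The end user may decline release, so any attribute can be absent.
    ids = attrs.get("eduPersonTargetedID", [])
    if len(ids) != 1:
        result["reason"] = "no single eduPersonTargetedID released"
        return result
    result["user"] = ids[0]

    # Entitlements are URIs and are compared exactly.
    if POLICY["eduPersonEntitlement"] & set(attrs.get("eduPersonEntitlement", [])):
        result.update(allow=True, reason="entitlement")
        return result

    # Scoped affiliations are compared whole, ignoring case, with no suffix matching:
    # student@law.uq.edu.au never satisfies a rule written for faculty@uq.edu.au.
    affiliations = {a.casefold() for a in attrs.get("eduPersonScopedAffiliation", [])}
    if POLICY["eduPersonScopedAffiliation"] & affiliations:
        result.update(allow=True, reason="scoped affiliation")
        return result

    result["reason"] = "no matching entitlement or affiliation"
    return result

if __name__ == "__main__":
    sample = {"eduPersonTargetedID": "7eak0QQIEhygtPXtpgmu5l5hRnY",  # table values
              "eduPersonScopedAffiliation": "faculty@uq.edu.au;student@law.uq.edu.au",
              "mail": "j.dougherty@uq.edu.au"}
    print(authorise(sample))
```

A non-empty `unrequested` list in the result shows the service is receiving attributes it does not use in its decision.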

Detailed information about these attributes can be found in the auEduPerson Definition and Attribute Vocabulary.

Many other attributes are listed in that document in addition to the AAF core attributes. Together they form a standard attribute vocabulary for the sector, and federation participants may find it useful to explore additional user attributes; however, AAF Identity Providers are only required to support those attributes in the core list.

The LDAP Schema definitions (LDIFs) needed to extend your directory can be found at the following links:

Further information about the responsibilities of AAF participants in managing user attributes can be found in the Federation Rules for Participants.