WyoLogin Attribute Release Policy

Shibboleth Attributes

The following attributes are currently available for release from the Shibboleth identity provider.  Additional attributes can be enabled or created as needed.  See the Internet2 attribute list for more attributes.

Attribute

Description

Example Data

Additional Info

cn

Preferred form of name for display

Joe Cowboy

displayName

Preferred form of name for display

Joe Cowboy

givenName

First name

Joe

eduPersonAffiliation

Campus affiliation

student

  • This value can have multiple values

eduPersonScopedAffiliation

Campus affiliation @ scope (uwyo.edu)

student@uwyo.edu

  • This value can have multiple values

eduPersonPrincipalName (ePPN)

UW Username '@' scope (uwyo.edu)

jcowboy@uwyo.edu

  • These are never reassigned

eduPersonTargetedID (ePTID)

An opaque, persistent unique id for each person for each Service Provider.

yWuV78oU5z65ulepbaOCsrjHMtI=

  • This attribute is designed to help preserve user privacy by preventing different Service Providers from aggregating and matching user data

mail

Email address

jcowboy@uwyo.edu

  • Users with a professional alias will have their alias returned as the value

sn

Last name

Cowboy

uid

UWYO Username

jcowboy

  • These are never reassigned

telephoneNumber

Telephone Number

(307)766-5555

  • This value comes from employment records from Human Resources.For employees it will be their office phone.For non-employees this value will be blank

employeeNumber

A persistent value assigned when the account is created

AE5B345880003BAB01725

  • All users, including non-employees, will have a value in this field

UWID

Student ID

W01234567

  • All users, including non-students, will have a value in this field

uwDepartment

The name of an employees's department

Advising Services

  • Non-employees will have a blank value for this attribute

cardId

Student ID

W01234567

  • Identical to the UWID attribute but specific to a single application that required this attribute be used

SchoolAssignedPersonID

Student ID

W01234567

  • Identical to the UWID attribute but specific to a single application that required this attribute be used

WyoCloudAuthorized

Boolean value

True

  • Grants access to WyoCloud based on domain group membership

uwR25membership

Used by R25 scheduling to auto populate user groups

Advising Services

  • Non-employees will have a value of 'No Department' returned

ZoomAuthorized

Grants access to UWYO cloud based Zoom

True

  • Boolean value based on domain group membership

ZoomCloudAuthorized

Grants access to cloud storage in Zoom

False

  • Boolean value based on domain group membership

ZoomAdminAuthorized

Grants administrator access in Zoom

False

  • Boolean value based on domain group membership

ZoomTollFreeAuthorized

Grants access to create meetings in Zoom with a toll-free call in number

False

  • Boolean value based on domain group membership

ZoomHIPAAAuthorized

Grants access to Zoom data that is HIPAA protected

False

  • Boolean value based on domain group membership

Released Shibboleth Attributes

The table below contains the applications that currently receive attributes from Shibboleth.  In addition to these applications, UW Shibboleth also follows the InCommon Default Attribute Release policy by releasing the ePPN to all applications as long as they are registered with InCommon.  This site only lists data that is released during the authentication process.  For some sites additional data not listed here is provided outside of the authentication process to create an account or provide information required for the service to function.

Application

Released Attributes

AcademicWorks

employeeNumber, mail

WyoCourses

ePPN

CSO

uid

Internet2

ePPN, sn, givenName, mail, eduPersonScopedAffilition

CampusLabs

sn, givenName, mail, CardId, ePPN

AlcoholEDU

sn, givenName, mail, ePPN

HBO GO

employeeNumber, ePPN

Research and Scholarship Category

ePPN, eduPersonTargetedID, mail, displayName, givenName, sn, eduPersonScopedAffiliation

AdviseStream

ePPN, mail, displayName

CollegeNet/R25

uid, mail, sn, givenName, uwR25membership

eRezLife

sn, mail, givenName, employeeNumber

Team Dynamix

ePPN, mail, givenName, sn

OnTheHub

uid, eduPersonScopedAffiliation

HathiTrust

eduPersonScopedAffiliation, eduPersonTargetedId, displayName

Web Checkout

employeeNumber

Tuapath

givenName, sn, mail, employeeNumber, UWID

Research.gov

givenName, sn, mail, ePPN, cn

National Student Clearinghouse

SchoolAssignedPersonID

MyUniDays

ePPN, eduPersonScopedAffiliation

UW Library

ePPN, sn, givenName, mail, eduPersonAffiliation, uwDepartment, telephoneNumber

TransLoc

ePPN, sn, givenName, mail, cn

UW Bookstore

ePPN, sn, givenName, mail, eduPersonScopedAffiliation, employeeNumber

InfoReady

ePPN, sn, givenName, mail

Terra Dota

employeeNumber

Handshake

employeeNumber

WyoCloud

employeeNumber, uid

Site Improve

mail, givenName, sn

DocuSign

ePPN, givenName, sn, employeeNumber

Maxient

uid, displayName

UW Library Proxy

ePPN, eduPersonAffiliation

Zoom

uid, givenName, sn, mail, ZoomCloudAuthorized, ZoomAdminAuthorized, ZoomTollFreeAuthorized, ZoomAuthorized, ZoomHIPAAAuthorized

Everfi

employeeNumber, givenName, sn, mail

Interfolio

employeeNumber, mail

WyoCast

ePPN

Taleo Learn

uid

DSpace Repo

givenName, sn, mail, eduPersonScopedAffiliation

Brookhaven National Lab

displayName, givenName, sn, mail, eduPersonTargetedID

TimeClockPlus

uid

Dimensions

eduPersonScopedAffiliation, eduPersonTargetedID

Rec PCI

givenName, sn, mail, UWDSEPrimaryAffiliation

Level Access

givenName, sn, mail

Active Directory Federation Services Attributes

The following attributes are currently available for release from the Shibboleth identity provider.  Additional attributes can be enabled or created as needed.  This site only lists data that is released during the authentication process.  For some sites additional data not listed here is provided outside of the authentication process to create an account or provide information required for the service to function.

Attribute

Description

Example Data

Additional Info

ImmutableID

A unique, persistent value to identify a user

Bb84aa64-812c-661b-9ab6-936aa4aa7102

  • This value never changes

NameID

A unique, persistent value to identify a user

jcowboy

windowsaccountname

UW username

jcowboy

UPN

UW username @ scope (uwyo.edu)

jcowboy@uwyo.edu

primarysid

A unique, persistent value to identify a user

S-1-5-21-332187-744631-50556778-71222

  • This value never changes

Released Active Directory Federation Services Attributes

Application

Released Attributes

Office 365

ImmutableID

WyoCloud Mobile App

NameID

College of Law Library

windowsaccountname

CRM Advance

UPN, primarysid, NameID

 

 

Was this helpful?
0 reviews

Details

Article ID: 54350
Created
Tue 5/22/18 2:56 PM
Modified
Thu 10/25/18 4:16 PM

Related Articles (1)