OpenID Connect Integration
Last updated: 20 January 2025
Attributes
These are the attributes/claims our OpenID Provider (OP) can provide to a Relying Party (RP) currently:
This is a maturing service and at this stage only supports a subset of attributes/claims. For attribute requirements outside this range, please contact us to discuss.
| Supported Scopes | Claims |
|---|---|
| openid | Returns the subclaim, which uniquely identifies the user. In an ID Token, iss, aud, exp, iat, and at_hash claims will also be present. |
| profile | Returns claims that represent basic profile information, including name, family_name, given_name, and preferred_username. |
| Returns the email claim, which contains the user's email address | |
| phone | Returns the phone_number of the user. Not many AAF IdPs will return this value. |
| aueduperson | Returns the user's au_edu_person_shared_token value |
| eduperson_affiliation | Returns the user's eduperson_affiliation value |
| eduperson_assurance | Returns the user's eduperson_assurance value |
| eduperson_orcid | Returns the user's eduperson_orcid value |
| eduperson_principal_name | Returns the user's eduperson_principal_name value |
| eduperson_scoped_affiliation | Returns the user's eduperson_scoped_affiliation value |
| schac_home_organization | Returns the user's schac_home_organization value |
| schac_home_organization_type | Returns the user's schac_home_organization_type value |
| home_organization | Returns the user's o value |
A claim for a user will only be provided if their home organisation provides the specific attribute. For example most universities will not provide phone numbers for their users.