OpenID Connect Integration
Attributes
These are the attributes/claims our OpenID Provider (OP) can provide to a Relying Party (RP) currently:
This is a maturing service and at this stage only supports a subset of attributes/claims. For attribute requirements outside this range, please contact us to discuss.
Supported Scopes | Claims |
---|---|
openid | Returns the subclaim, which uniquely identifies the user. In an ID Token, iss, aud, exp, iat, and at_hash claims will also be present. |
profile | Returns claims that represent basic profile information, including name, family_name, given_name, and preferred_username. |
Returns the email claim, which contains the user's email address | |
phone | Returns the phone_number of the user. Not many AAF IdPs will return this value. |
aueduperson | Returns the users au_edu_person_shared_token value |
eduperson_affiliation | Returns the users eduperson_affiliation value |
eduperson_assurance | Returns the users eduperson_assurance value |
eduperson_orcid | Returns the users eduperson_orcid value |
eduperson_principal_name | Returns the users eduperson_principal_name value |
eduperson_scoped_affiliation | Returns the users eduperson_scoped_affiliation value |
schac_home_organization | Returns the users schac_home_organization value |
home_organization | Returns the users o value |
A claim for a user will only be provided if their home organisation provides the specific attribute. For example most universities will not provide phone numbers for their users.