Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


If you need to do finer grained authorisation such as identifying a department you can use one called eduPersonEntitlement which can have any value you pre-arrange with sites. 

Any of these could be multi-valued and would be passed to your OIDC instance as an unordered array  - e.g. { "claimName" : [ "value1", "value2"] } 

What about things like names and email addresses?
Personally identifiable information like that isn't supplied as standard and data protection regulations make sites very cautious about releasing it. Some may be willing where they see a justifiable use, but you should not expect it to be present and must not make it a condition of access. 


The remaining step will be to set up wayfless and deep link access. After that you're ready for final tests and publication.