You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
after an internal discussion about the attributes of our IDP send to the component register. You said, that 'eppn' (eduPersonPrincipalName) would be required. This would mean, that the Component Register uses an attribute which is the authentication token of the whole CLARIN network used for every other SP too. We could provide the less explicit attribute 'persistent_id' (eduPersonTargetId), which would be generated by our IDP only for the Component Register. I think for the purpose of the Component Register this would be enough. Would it be enough to release the attribute 'persistent_id' for a successful authentication? This would help to clear the discussion with our data protection officer.
Hi Torsten,
I think that should be sufficient. It means however that we need to make some changes to the implementation of the Component Registry in that it queries the user to provide a "human readable" name after logging in when eppn or displayname is not available. I think you can tell your data protection officer that we can live with that solution.
It might take some time on the other hand before you really can login at the component registry. I'm cc'ing Twan, he can add you to the ticket for this so that you get a signal as soon as eptid is supported.
The text was updated successfully, but these errors were encountered:
https://trac.clarin.eu/ticket/157
The text was updated successfully, but these errors were encountered: