3.2 Account Provisioning

3.2.1 Identity

This object allows a system that stores network identities and/or passwords to share them with other applications through SIF. The provider of the Identity object may only support providing an identity or a password, or it may support both.

SIF_Events are reported for this object.
Identity
Figure 3.2.1-1: Identity Identity RefId SIF_RefId SIF_RefObject AuthenticationSource IdentityAssertions PasswordList AuthenticationSourceGlobalUID SIF_Metadata SIF_ExtendedElements
 Element/@AttributeCharPrivacy RatingDescriptionType
 Identity High

This object allows a system that stores network identities and/or passwords to share them with other applications through SIF. The provider of the Identity object may only support providing an identity or a password, or it may support both.

 		 
@
key		RefIdMHigh

The SIF RefId that uniquely identifies this object.

 		RefIdType
 SIF_RefIdMHigh

The SIF RefId of a StudentPersonal, StaffPersonal, or StudentContactPersonal object.

 		IdRefType
@SIF_RefObjectMHigh

The type of SIF object that the SIF_RefId attribute identifies.

 		values:
StudentPersonal
StaffPersonal
StudentContactPersonal
 AuthenticationSourceMHigh

The type of source system that produced this Identity object.

See implementation notes for provider requirements.

 		values:
AUAccessShibboleth
MSActiveDirectory
NovellNDS
OpenDirectory
OpenID
Other
 IdentityAssertionsOHigh

The list of identity assertions for this user.

 		IdentityAssertionsType
 PasswordListOHigh

Allows a provider or publisher to specify the same password using multiple algorithms, if supported.

 		PasswordListType
 AuthenticationSourceGlobalUIDOHigh

The globally unique person identifier that links together separate Identity objects which reference the same Person.

 		IdRefType
 SIF_MetadataOLow SIF_MetadataType
 SIF_ExtendedElementsO Low SIF_ExtendedElementsType
Table 3.2.1-1: Identity
<Identity RefId="4286194F-43ED-43C1-8EE2-F0A27C4BEF86"> <SIF_RefId SIF_RefObject="StudentPersonal">23B08571-E4D6-45C3-B82A-3E52E5349925</SIF_RefId> <AuthenticationSource>AUAccessShibboleth</AuthenticationSource> <IdentityAssertions> <IdentityAssertion SchemaName="eduPersonPrincipalName">john.doe@asdf.edu.au</IdentityAssertion> </IdentityAssertions> <AuthenticationSourceGlobalUID>A9A6CB2B-C493-4427-8C1F-D6587D448B35</AuthenticationSourceGlobalUID> </Identity>
Example 3.2.1-1: Identity published by an Access Federation Shibboleth Provider
<Identity RefId="4286194F-43ED-43C1-8EE2-F0A27C4BEF86"> <SIF_RefId SIF_RefObject="StudentPersonal">23B08571-E4D6-45C3-B82A-3E52E5349925</SIF_RefId> <AuthenticationSource>MSActiveDirectory</AuthenticationSource> <IdentityAssertions> <IdentityAssertion SchemaName="sAmAccountName">user01</IdentityAssertion> <IdentityAssertion SchemaName="userPrincipalName">user01@asdf.edu.au</IdentityAssertion> <IdentityAssertion SchemaName="distinguishedName">cn=User01,cn=Users,dc=org</IdentityAssertion> </IdentityAssertions> <AuthenticationSourceGlobalUID>23A08571-E4D6-45C3-B82A-3E52E5349925</AuthenticationSourceGlobalUID> </Identity>
Example 3.2.1-2: Identity published by Microsoft Active Directory
<Identity RefId="4286194F-43ED-43C1-8EE2-F0A27C4BEF86"> <SIF_RefId SIF_RefObject="StudentPersonal">23B08571-E4D6-45C3-B82A-3E52E5349925</SIF_RefId> <AuthenticationSource>OpenID</AuthenticationSource> <IdentityAssertions> <IdentityAssertion SchemaName="openid.identity">http://verisign.org/p/alice </IdentityAssertion> <IdentityAssertion SchemaName="openid.server">http://verisign.org </IdentityAssertion> </IdentityAssertions> <AuthenticationSourceGlobalUID>A9A6CB2B-C493-4427-8C1F-D6587D448B35</AuthenticationSourceGlobalUID> </Identity>
Example 3.2.1-3: Identity published by an OpenID provider

Valid XHTML 1.0 Transitional