Identity Provider Id
Full Formal Attribute Name
gfipm:2.0:user:IdentityProviderId
Abbreviated Formal Attribute Name
IdentityProviderId
Definition
The unique identifier of the user's identity provider (IDP) within the federation. It comprises a federation part, an optional trusted identity broker (TIB) part, and an identity provider (IDP) part. The general format of an identity provider ID is: "{Federation}:[TIB:{TIB}:]IDP:{IDP}".
{Federation} is required, and is a globally unique federation identifier. It must contain only alphanumeric characters and dashes. Federation identifiers are managed via the GFIPM Federation Name Registry. Information about this registry is available at the following URL.
http://gfipm.net/fed-registry.html
"TIB" and {TIB} are required only for identity providers that are brokered by a trusted identity broker. {TIB} must uniquely identify a trusted identity broker within the federation. It must contain only alphanumeric characters and dashes.
"IDP" and {IDP} are required. If preceded by a TIB part, {IDP} must uniquely identify an identity provider that is brokered by the TIB within the federation. If not preceded by a TIB identifier, {IDP} must uniquely identify an identity provider that is NOT brokered by a TIB within the federation. {IDP} must contain only alphanumeric characters and dashes.
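Added example (not part of the GFIPM specification): a strict Python parser for the format defined above, of the kind a relying party could run before trusting the attribute. It assumes "alphanumeric" means ASCII letters and digits and that the literal "TIB" and "IDP" markers are case-sensitive; the function and class names are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Assumption: "alphanumeric" is read as ASCII letters and digits only, and the
# literal "TIB" / "IDP" markers are matched case-sensitively.
_PART = r"[A-Za-z0-9-]+"
_IDP_ID = re.compile(
    rf"(?P<federation>{_PART}):(?:TIB:(?P<tib>{_PART}):)?IDP:(?P<idp>{_PART})"
)


class IdentityProviderId(NamedTuple):
    federation: str
    tib: Optional[str]  # None when the IDP is not brokered by a TIB
    idp: str


def parse_identity_provider_id(value: str) -> IdentityProviderId:
    """Parse a gfipm:2.0:user:IdentityProviderId value or raise ValueError."""
    # fullmatch() rejects trailing newlines and extra segments that a
    # prefix match or a naive split(":") would let through.
    m = _IDP_ID.fullmatch(value)
    if m is None:
        raise ValueError(f"malformed IdentityProviderId: {value!r}")
    return IdentityProviderId(m["federation"], m["tib"], m["idp"])


def is_valid(value: str) -> bool:
    """Return True only if the whole string matches the format."""
    try:
        parse_identity_provider_id(value)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # The first two values are the page's own examples; the rest are
    # constructed malformed inputs.
    for sample in ("NIEF:IDP:JNET", "NIEF:TIB:CJIS-Portal:IDP:RISS",
                   "NIEF:IDP:JNET\n", "NIEF:TIB:IDP:X", "NIEF:IDP:J_NET"):
        print(repr(sample), is_valid(sample))
```

Checking that the parsed parts agree with the user's Federation Id attribute, as the usage information requires, needs that attribute's format and is not covered here.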
Data Type
Text
Metadata Version
2.0
Usage Information
This identifier MUST be consistent with the federation identifier, IDP identifier, and (if applicable) TIB identifier denoted within the user's Federation Id attribute.
Example Content
"NIEF:IDP:JNET",
"DOJTB:IDP:RISS",
"NIEF:TIB:CJIS-Portal:IDP:RISS",
"CONNECT:IDP:XYZ"
NIEM Xpath
N/A
NIEM Definition
N/A
Source
GFIPM Metadata Straw Man
Misc. Notes
This attribute's definition, usage info, and example content have changed since the original release of the GFIPM Metadata 2.0 Spec. The information provided here reflects the latest changes. Please see the following URL for more information.
http://gfipm.net/standards/metadata/2.0/gfipm-metadata-2.0-addendum.pdf