...
A Relying Party that consumes a scoped attribute SHOULD verify that the asserted scope is permitted for the issuing Identity Provider by comparing the scope portion of the attribute value against the <shibmd:Scope> values published in that Identity Provider's metadata. See also section 2.1.4 Scope in SAML 2.0 WebSSO Technology Profile.
Identifier Properties
This section describes identifier properties, including whether they are non-reassignable, opaque, persistent, and unique per relying party.
| Identifier | Non-reassigned | Opaque | Persistent | Unique per Relying Party |
|---|---|---|---|---|
| subject-id |  | |||
| pairwise-id | ||||
| personalIdentityNumber | | | |
Attribute Definitions
subject-id
...
| Name | https://openfed.se/attributes/pairwise-id |
|---|---|
| Friendly Name | pairwise-id |
| Data Type | xs:string |
| Multi-valued | NO |
| Scoped | YES |
| Reference | urn:oasis:names:tc:SAML:attribute:pairwise-id |
| Example | 9d666d80-c634-4f12-838b-c667de76762b@example.org |
personalIdentityNumber
The subject’s national civic registration number (i.e. the Swedish “personnummer” or “samordningsnummer” as defined in SKV 704 and SKV 707).
The value MUST consist of 12 digits without a hyphen.
| Name | https://openfed.se/attributes/personalIdentityNumber |
|---|---|
| Friendly Name | personalIdentityNumber |
| Data Type | xs:string |
| Multi-valued | NO |
| Scoped | NO |
| Reference | urn:oid:1.2.752.29.4.13 |
| Example | 198611245807 |
givenName
The given name (first name) of the subject.
...