skip to content

IT Help and Support

University Information Services
 

FAQ N16

When Raven identifies you to a web site it supplies various bits of information about you. For most web sites, particularly those within the University, Raven simply supplies your CRSid (your user identifier, something like fjc55).

However Raven can provide additional information, known as attributes, about you to selected sites - typically ones outside the University. You will always be asked to approve release of such information the first time you access a site that works in this way, and whenever the information being released changes thereafter. Exactly which attributes are released depends on who operates the site and what it needs to know, but here is a full list of the attributes that could be released together with an explanation of what they represent.

Attribute name Description
eduPerson Principal Name A persistent, globally-unique identifier for an individual which is the same for every web site they visit. In Cambridge this is formed from a CRSid (e.g. fjc55) and the University's top-level domain name, cam.ac.uk. This produces something that looks like, and in some cases is the same text as, an email address: e.g. fjc55@cam.ac.uk. However eduPerson Principal Name does not represent an email address and should not be used as such. In other contexts this value is sometimes called eduPersonPrincipalName or ePPN.
Anonymous identifier A persistent globally-unique identifier for an individual which is different for every web site they visit. This attribute can be used by web sites that need to recognise returning visitors but which do not need to know their real-world identity. By relying on this attribute, web sites can enhance their users' privacy. It takes the form of a random string, followed by @cam.ac.uk. In other contexts this value is sometimes called eduPersonTargetedID or ePTID.
Status An attribute carrying one or more of a number of standard values reflecting an individual's association with the University. Some web sites will make access control decisions based on this value, such as making a resource available to everyone in the University. Currently the only possible values are member@cam.ac.uk which is assigned to anyone who appears in lookup, and member@eresources.lib.cam.ac.uk which is assigned to anyone entitled to access the University Library's general electronic resource collection. In other contexts this value is sometimes called eduPersonScopedAffiliation or ePSA.
Entitlement An attribute carrying one or more values indicating that someone has a particular entitlement, for example is entitled to use a particular resource. These values, and the conditions under which they may be assigned to to people, are typically specified by the relevant web site operators. In other contexts this value is sometimes called eduPersonEntitlement or ePE.

In addition, Raven may make available values of SurnameRegistered NameDisplay NameRolesInstitution names and IDsE-mail addressesUniversity status, and Group names and IDs with values derived from lookup, but only to web sites operated within the University and always subject to each user's choice of suppression.

Attribute names starting eduPerson are derived from the eduPerson LDAP schema in which they are defined.

The release of attributes by Raven is governed by the Raven/Shibboleth Attribute Release Policy; details for the current configuration are documented in the Raven/Shibboleth Attribute Release Summary.

 

UIS Service Desk

UIS Service Status

Phone padded  Service status line: (01223 7)67999
Website  Sign up for SMS/email status alerts
Website  Read major IT incident reports

UIS bITe-size bulletin

A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >

Latest news

New digital certificate service launched

30 July 2021

We've launched a new digital certificate service, and are now onboarding institutions and IT staff. The new Jisc-based service enables IT staff to create and manage a broader range of certificates (TLS, client and code signing) in minutes and at no cost to their institution. Comparing the old and new certificate services...

Moodle maintenance Tuesday 3 August 07:00-09:00

28 July 2021

The Moodle service will be subject to interruption on Tuesday 3 August 07:00–09:00 due to essential maintenance. While Moodle is unavailable, users will not be able to log in to the Panopto cloud service. Panopto recordings can still be made offline for later upload. If you have any questions, please contact the Moodle...

Internet Explorer 11 will no longer be supported by Microsoft 365 apps and services from 17 August 2021

23 July 2021

Microsoft has announced that from 17 August 2021, all Microsoft 365 apps and services will no longer support Internet Explorer 11 (IE11). This follows Microsoft’s announcement last November that Microsoft Teams would no longer support IE11. After 17 August 2021, you'll have a degraded experience or will be unable to...