The Shibboleth IdP V4 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only. See the IDP5 wiki space for current documentation on the supported version.

RegistrationAuthorityConfiguration

Owned by Scott Cantor
Last updated: Nov 15, 2021
1 min read

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The RegistrationAuthority type is a PolicyRule that returns true if the attribute recipient is registered by a particular registrar or one of a set of registrars. Matching occurs against the RegistrationAuthority XML attribute value on the <mdrpi:RegistrationInfo> element (if any).

Reference

Name

Type

Required?

Description

Name

Type

Required?

Description

registrars

Whitespace-delimited list of URIs

Y

List of registrar IDs

Example

Apply this rule if the SP is a REFEDS Research & Scholarship service registered by MyFederation with the given registrar ID:

<PolicyRequirementRule xsi:type="AND"> <Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="http://refeds.org/category/research-and-scholarship"/> <Rule xsi:type="RegistrationAuthority" registrars="http://my.federation.org"/> </PolicyRequirementRule>

Â