The Shibboleth IdP V4 software will leave support on September 1, 2024.

RegistrationAuthorityConfiguration

Namespace: urn:mace:shibboleth:2.0:afp
Schema: http://shibboleth.net/schema/idp/shibboleth-afp.xsd

Overview

The RegistrationAuthority type is a PolicyRule that returns true if the attribute recipient is registered by a particular registrar or one of a set of registrars. Matching occurs against the RegistrationAuthority XML attribute value on the <mdrpi:RegistrationInfo> element (if any).

Reference

Name

Type

Required?

Description

Name

Type

Required?

Description

registrars

Whitespace-delimited list of URIs

Y

List of registrar IDs

Example

Apply this rule if the SP is a REFEDS Research & Scholarship service registered by MyFederation with the given registrar ID:

<PolicyRequirementRule xsi:type="AND"> <Rule xsi:type="EntityAttributeExactMatch" attributeName="http://macedir.org/entity-category" attributeValue="http://refeds.org/category/research-and-scholarship"/> <Rule xsi:type="RegistrationAuthority" registrars="http://my.federation.org"/> </PolicyRequirementRule>