Electronic Authentication Assurance Level Code
See all versions of Attribute: Electronic Authentication Assurance Level Code Active / In UseFull Formal Attribute Name
gfipm:2.1:user:ElectronicAuthenticationAssuranceLevelCode
Abbreviated Formal Attribute Name
ElectronicAuthenticationAssuranceLevelCode
Definition
The maximum NIST electronic authentication assurance level that can be satisfied by the electronic identity on which this assertion is based.
Data Type
Version Number
2.1
Usage Information
This attribute is a four-level code, ranging from level 1 through level 4, in which each level corresponds to an authentication mechanism assurance level defined in NIST Special Publication 800-63-1, "Electronic Authentication Guideline", published in December 2011.
If there is a SAML authentication context associated with the SAML assertion containing this attribute, then the NIST level conveyed by this element MUST be consistent with the type of authentication conveyed by the SAML authentication context.
If there is a SAML authentication context associated with the SAML assertion containing this attribute, then the NIST level conveyed by this element MUST be consistent with the type of authentication conveyed by the SAML authentication context.
Example Content
"NISTLEVEL1", "NISTLEVEL2", "NISTLEVEL3", "NISTLEVEL4"
NIEM Xpath
N/A
NIEM Definition
N/A
Source
GFIPM Demo Project Participants (CISA, JNET, and RISS)
Misc. Notes
For more information about the specific authentication mechanism requirements at each NIST level of assurance, please see Sections 6.3.1, 7.3.1, and 8.3.2 of NIST Special Publication 800-63-1. Also, please note that the definition of this attribute specifically excludes NIST requirements in Section 9.3.2, which pertain to the use of assertions.