Identity Provider Id
See all versions of Attribute: Identity Provider Id Active / In UseFull Formal Attribute Name
gfipm:2.0:user:IdentityProviderId
Abbreviated Formal Attribute Name
IdentityProviderId
Definition
The unique identifier within the federation that identifies the identity provider (IDP) of the user within the federation. Comprises a federation part, an optional trusted identity broker (TIB) part, and an identity provider (IDP) part. The general format of an identity provider ID is: "{Federation}:[TIB:{TIB}:]IDP:{IDP}".
{Federation} is required, and is a globally unique federation identifier. It must contain only alphanumeric characters and dashes. Federation identifiers are managed via the GFIPM Federation Name Registry. Information about this registry is available at the following URL.
http://gfipm.net/fed-registry.html
"TIB" and {TIB} are required only for identity providers that are brokered by a trusted identity broker. {TIB} must uniquely identify a trusted identity broker within the federation. It must contain only alphanumeric characters and dashes.
"IDP" and {IDP} are required. If preceded by a TIB part, {IDP} must uniquely identify an identity provider that is brokered by the TIB within the federation. If not preceded by a TIB identifier, {IDP} must uniquely identify an identity provider that is NOT brokered by a TIB within the federation. {IDP} must contain only alphanumeric characters and dashes.
{Federation} is required, and is a globally unique federation identifier. It must contain only alphanumeric characters and dashes. Federation identifiers are managed via the GFIPM Federation Name Registry. Information about this registry is available at the following URL.
http://gfipm.net/fed-registry.html
"TIB" and {TIB} are required only for identity providers that are brokered by a trusted identity broker. {TIB} must uniquely identify a trusted identity broker within the federation. It must contain only alphanumeric characters and dashes.
"IDP" and {IDP} are required. If preceded by a TIB part, {IDP} must uniquely identify an identity provider that is brokered by the TIB within the federation. If not preceded by a TIB identifier, {IDP} must uniquely identify an identity provider that is NOT brokered by a TIB within the federation. {IDP} must contain only alphanumeric characters and dashes.
Data Type
Text
Version Number
2.0
Usage Information
This identifier MUST be consistent with the federation identifier, IDP identifier, and (if applicable) TIB identifier denoted within the user's Federation Id attribute.
Example Content
"NIEF:IDP:JNET",
"DOJTB:IDP:RISS",
"NIEF:TIB:CJIS-Portal:IDP:RISS",
"CONNECT:IDP:XYZ"
"DOJTB:IDP:RISS",
"NIEF:TIB:CJIS-Portal:IDP:RISS",
"CONNECT:IDP:XYZ"
NIEM Xpath
N/A
NIEM Definition
N/A
Source
GFIPM Metadata Straw Man
Misc. Notes
Will eventually be deprecated and superseded by https://nief.org/attribute-registry/attributes/user/nief/IdentityProviderId/1.0/