v1.0.0 July 2020
Copyright © 2020 University Corporation for Advanced Internet Development, Inc.
The TAP Core Schema defines a dictionary of common attributes used across various components of the TAP portfolio. The authoritative Core Schema is abstract — it is not bound to any particular representation. However, to be useful the Core Schema must then be mapped to a specific form, such as JSON. Such a mapping is called a Representation.
A Representation of the Core Schema is typically bound to a Protocol, which defines the context in which the Representation is used. For example, the ID Match Protocol uses the JSON Representation of the Core Schema.
There are no required attributes from the perspective of the Core Schema. It is up to a given Protocol using the Core Schema to determine which attributes are required, and how such status is conveyed between participants if not specified as part of the Protocol itself.
Attributes may be simple or complex. Complex attributes have sub-attributes. It is up to a given Representation to determine the representation of complex attributes.
Note that all attributes, whether simple or complex, may have metadata attached if supported by the relevant Protocol. It is up to the Representation to describe how metadata attaches to attributes.
Where attributes are multi-valued, it is up to a given Protocol to determine whether multiple values are supported, and how such status is conveyed between participants. It is up to a Representation to determine the representation of multiple values.
Multi-valued attributes may be represented by the use of plural versions of the attribute names (eg: people vs person). For consistency, the plural name is provided as part of each attribute definition. It is up to a Representation to determine if plural names are in use.
Attribute names use camelCase with an initial lowercase letter. Representations may instead require the use of underscore notation, in which case an underscore is inserted before each capital letter, and the capital letter is then lower cased.
Attribute names are case insensitive, but should be case preserving.
Core Schema attributes are typed, as follows:
-
binary: Representation specific encoding of binary data.
-
boolean: Representation specific encoding of true or false.
-
country: ISO 3166-1 two letter country code.
-
date: Date in ISO 8601 (
YYYY-MM-DD) format. -
dateTerm: A datestamp used to indicate intervals such as a semester, trimester, or quarter. The format is
YYYY-L#, whereLis one ofH(half year),T(third), orQ(quarter), and#is the sequential number. eg:2015-H2designates the second semester of the 2015 academic year (and so might physically be in the year 2016). -
dateTime: A timestamp in ISO 8601 format (
YYYY-MM-DDTHH:MM:SSZ). -
extensibleEnumeration: The enumerated values of the Core Schema vocabulary should be supported when specified values are relevant, however protocols and implementations may add to the vocabulary. It is up to the Protocol to determine how such additions are conveyed between participants.
-
integer: An integer, which may be further constrained by an attribute definition.
-
locale: A locale in
LL_CCformat, which is an ISO 639-1 language code, an underscore, and an ISO 3166-1 two letter country code. -
region: ISO 3166-2 subdivision code, not including country prefix (eg:
BCnotCA-BC). -
string: Strings are case preserving but not case sensitive, unless otherwise specified for a given attribute. Strings support UTF-8 unless otherwise specified for a given attribute or Representation.
Additional attributes may be locally defined in order to supplement the Core Schema attributes defined in this document. These attributes are referred to as Ad Hoc attributes.
Ad Hoc attributes are identified by use of namespaces. The specific format for
indicating the namespace is up to each Representation, but the intention is for
the namespace to be represented for each attribute. An appropriate unique
identifier should be selected for the namespace label. For example, a University
might use its top level domain (university.edu) while an application might use
an OID within a space controlled by the application developer.
|
Note
|
The Core Schema does not impose a specific namespacing requirement for local values added to an extensibleEnumeration. Local deployments will need to balance the likelihood that these values could eventually be added to the core schema definition (in which case, for forward compatibility, namespacing should not be used) against the likelihood that these values are highly tailored to the local deployment (in which case namespacing should be used to avoid conflict with potential revisions to the Core Schema). |
The following Metadata attributes are available:
-
created: A dateTime describing when the attribute value was created.
-
id: A case sensitive string used to uniquely identify the attribute value. No specific format is required, ids could be integers, UUIDs, or any other type encodable as a string.
-
lastModified: A dateTime describing when the attribute value was last modified.
-
release: An extensibleEnumeration describing the release policy for the attribute value. When an attribute does not have an explicit release policy, the next nearest parent release policy (a parent attribute or the record level policy) applies.
-
public: The attribute and value may be used without restriction.
-
internal: The attribute and value are to be used for official organizational purposes only, and may not be redistributed without permission.
-
private: The attribute and value may not be used for any purpose without permission.
-
-
source: A string representing the authority or source of the associated record or attribute.
A physical or postal address.
Plural |
addresses |
Type |
complex |
Subattributes |
country, formatted, language, locality, postalCode, region, room, streetAddress, type, verified |
Address rendered as a single string, possibly with embedded newlines (\n).
Type |
string |
Street or site information from an address, including street name, house number,
etc. May include embedded newlines (\n).
Type |
string |
Address type. Defined values are
-
break: An address for use during organizational breaks (eg: summer)
-
campus: An address located on an organization’s campus
-
home: The home address of the subject
-
office: The office address of the subject
-
parent: For students, an address belonging to a parent
-
postal: An address suitable for mailing
-
former-anytype: A former (no longer valid) address of the specified type
Type |
extensibleEnumeration |
An electronic mail address.
Plural |
emailAddresses |
Type |
complex |
Subattributes |
address, type, verified |
The email address. The expected value of this attribute is a string in RFC5322
addr-spec style (eg: foo@university.edu).
Type |
string |
EmailAddress type. Defined values are
-
delivery: An emailAddress valid within the organization that represents an actual, deliverable mailbox. An emailAddress of this type might not be known to the subject it belongs to.
-
department: The subject’s emailAddress for a department (ie: a sub-entity) of the organization
-
department-deptlabel: The subject’s emailAddress for the department identified by deptlabel
-
forwarding: The subject’s forwarding emailAddress (ie: the location where the subject would prefer to receive email)
-
official: The official emailAddress assigned by the organization for the subject
-
personal: The subject’s personal emailAddress, which need not be managed by the organization
-
preferred: The subject’s self-declared preferred emailAddress
-
former-anytype: A former (no longer valid) emailAddress of the specified type
Type |
extensibleEnumeration |
The ethnicity of the subject. The default values for this attribute are as per the US Census Bureau. These values may not be suitable for use outside of US federal reporting requirements.
-
africanAmerican
-
alaskaNative
-
americanIndian
-
asian
-
hispanic
-
nativeHawaiian
-
other
-
pacificIslander
-
white
Type |
extensibleEnumeration |
Gender of the subject, self asserted. Defined values are
-
female
-
male
-
nonBinary
Type |
extensibleEnumeration |
An identifier.
Plural |
identifiers |
Type |
complex |
Subattributes |
identifier, type |
Identifier type. Defined values are
-
applicant: Identifier assigned to an applicant (eg: student application registration system)
-
badge: Identifier as encoded on a badge/physical ID card
-
badge-barcode: Identifier as encoded on a 1D or 2D barcode printed on a badge
-
badge-chip: Identifier as stored on a smart chip (contact or NFC) embedded in a badge
-
badge-magstripe: Identifier as encoded on a magnetic stripe of a badge
-
enterprise: Persistent identifier used to uniquely identify an individual across the enterprise/organization
-
external: Identifier assigned by an external (federated) system
-
national: Government issued identifier (eg: SSN)
-
network: Identifier used for access to network services (eg: NetID)
-
orcid: ORCID iD
-
referenceId: An ID Match reference identifier
-
role: Persistent identifier for a given role, used by an individual system of record and/or registry
-
role-label: Persistent identifier for a given role assigned by the system of record identified by label
-
sor: Persistent identifier used by an individual system of record
-
sor-label: Persistent identifier assigned by the system of record identified by label
Type |
extensibleEnumeration |
A representation of an identity document, as (eg) might be used for identity proofing.
Plural |
identityDocuments |
Type |
complex |
Subattributes |
dateOfBirth, documentIssuer, documentType, fullName, status, timeVerified, verifiedAddress |
Type of document used to confirm identity. Defined values are
-
driversLicense: Photo ID used to license drivers
-
locality: ID issued by a local government (such as cities or towns)
-
national: ID issued by a national government, other than drivers licenses or passports
-
passport: Passport, including Passport Cards
-
regional: ID issued by a regional government (such as states or provinces), other than drivers licenses
-
tribal: ID issued by a tribal government (such as Native American tribes)
Type |
extensibleEnumeration |
Status of the identity document.
-
expired: The document has expired
-
invalid: The document is not valid, for a reason other than expiration
-
valid: The document is valid
Type |
extensibleEnumeration |
Date identity document is valid from, as asserted by the document itself.
Type |
date |
Date identity document is valid through, as asserted by the document itself.
Type |
date |
A name for the subject.
Plural |
names |
Type |
complex |
Subattributes |
family, formatted, given, language, middle, prefix, suffix, type |
The subject’s family name, excluding any given, middle, or honorific components.
Type |
string |
The subject’s given name, excluding any middle, family, or honorific components. When a subject has only one name, it should typically be placed in this attribute.
Type |
string |
The subject’s middle name, excluding any given, family, or honorific components.
Type |
string |
Encoding of a photo of the subject.
Plural |
photos |
Type |
complex |
Subattributes |
data, encoding, type |
The type of encoding used for the subject’s photo. Defined values are
-
bmp
-
gif
-
jpg
-
png
-
tiff
Type |
extensibleEnumeration |
The primary campus location for the person, as defined by the organization.
Type |
string |
The primary campus location for the person, as defined by the organization.
Type |
string |
A representation of the subject’s role or association with the organization.
Plural |
roles |
Type |
complex |
Subattributes |
address, affiliation, campus, campusCode, department, departmentCode, displayTitle, emailAddress, identifier, leaveBegins, leaveEnds, manager, organization, organizationCode, percentTime, rank, rankSor, roleBegins, roleEnds, sor, sponsor, status, telephoneNumber, terminationReason, title, type, url, validFrom, validThrough |
Address(es) associated with this role. This attribute uses the same definition for address as described above, including subattributes.
The subject’s broad relationship to the organization, for this role. Values as per eduPerson, but may be extended.
-
affiliate
-
alum
-
employee
-
faculty
-
library-walk-in
-
member
-
staff
-
student
Type |
extensibleEnumeration |
The campus location this role is attached to, as defined by the organization.
Plural |
campuses |
Type |
string |
The campus location this role is attached to, as defined by the organization and represented as a machine readable identifier. This value is unlikely to have meaning outside of a specific organization.
Plural |
campusCodes |
Type |
string |
The name of the department this role is attached to.
Plural |
departments |
Type |
string |
The department this role is attached to, as represented as a machine readable identifier. This value is unlikely to have meaning outside of a specific organization.
Plural |
departmentCodes |
Type |
string |
Email Address(es) associated with this role. This attribute uses the same definition for emailAddress as described above, including subattributes.
Identifier(s) associated with this role. This attribute uses the same definition for identifier as described above, including subattributes.
Time at which leave from this role begins. If both this attribute and role: status are provided, role: status is controlling.
Type |
dateTime |
Time after which leave from this role is no longer in effect. If both this attribute and role: status are provided, role: status is controlling.
Type |
dateTime |
An identifier describing the manager for this role. This attribute uses the same definition for identifier as described above, including subattributes, except that the name of the attribute is manager.
Plural |
managers |
The name of the organization or institution this role is attached to.
Plural |
organizations |
Type |
string |
The organization or institution this role is attached to, as represented as a machine readable identifier. This value is unlikely to have meaning outside of a specific organization.
Plural |
organizationCodes |
Type |
string |
The percentage time for this role, from 0 (no time allocated) to 100 (full time). Any value from 1 to 99 should be considered "part time".
Type |
integer |
The rank of this role relative to all roles from all Systems of Record. The highest rank is 1, larger numbers indicate lower ranks.
Type |
integer |
The rank of this role relative to only roles from this System of Record. The highest rank is 1, larger numbers indicate lower ranks.
Type |
integer |
Time at which leave from this role officially begins. If both this attribute and role: status are provided, role: status is controlling.
Type |
dateTime |
Time after which this role is no longer in effect. If both this attribute and role: status are provided, role: status is controlling.
Type |
dateTime |
An identifier describing the sponsor for this role. This attribute uses the same definition for identifier as described above, including subattributes, except that the name of the attribute is sponsor.
Plural |
sponsors |
Status associated with this role.
-
accepted: The subject has accepted an offer for this role (enrollment or hire)
-
applied: The subject has applied for this role (enrollment or hire)
-
active: The role is active (hire)
-
offered: The subject has been made an offer for this role but has not yet accepted (enrollment or hire)
-
onLeave: The subject is on leave from this role (enrollment or hire)
-
registered: The subject has registered for this role (enrollment)
-
suspended: The subject has been suspended from this role (enrollment or hire)
-
terminated: The role has been terminated (enrollment or hire) (termination date is in [roleEnds])
Type |
extensibleEnumeration |
Telephone Number(s) associated with this role. This attribute uses the same definition for telephoneNumber as described below, including subattributes.
Reason for termination of this role.
-
deceased
-
graduated
-
involuntary
-
resigned
-
retired
-
withdrew
Type |
extensibleEnumeration |
The type associated with this role.
-
consultant
-
continuing (student)
-
contractor
-
emeritus
-
exempt
-
graduate (student)
-
nondegree (student)
-
professional (student)
-
regular
-
secondary (student)
-
summer (student)
-
tenured
-
undergraduate (student)
-
vendor
-
visiting
-
workStudy
URL(s) associated with this role. This attribute uses the same definition for url as described below, including subattributes.
Time at which services associated with this role should begins. If both this attribute and role: status are provided, role: status is controlling.
Type |
dateTime |
Time after which services associated with this role should be terminated. If both this attribute and role: status are provided, role: status is controlling.
Type |
dateTime |
Telephone number for the subject.
Plural |
telephoneNumbers |
Type |
complex |
Subattributes |
number, type, verified |
The type of the telephone number. Defined values are
-
campus: The subject’s on campus telephone number
-
fax: The subject’s fax machine
-
home: The subject’s home telephone number
-
mobile: The subject’s mobile telephone number
-
office: The subject’s work or office telephone number
-
summer: The subject’s summer time telephone number
-
former-anytype: A former (no longer valid) telephone number of the specified type
Type |
extensibleEnumeration |