From 12cd8a0ea2e9c404dfcd34621b1ce612fd3e66da Mon Sep 17 00:00:00 2001 From: Keith Hazelton Date: Tue, 13 Apr 2021 08:55:57 -0500 Subject: [PATCH] Update identifier-guidance.adoc --- identifier-guidance.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/identifier-guidance.adoc b/identifier-guidance.adoc index 57404ba..971a777 100644 --- a/identifier-guidance.adoc +++ b/identifier-guidance.adoc @@ -14,7 +14,7 @@ From SAML Attribute Profile, 3.3.1, "It is RECOMMENDED that the _unique ID be ex ==== II. Other identifiers -*pairwise-id* An identifier that offers some protection against service provider to service provider identity correlation. *pairwise-id* is defined in section 3.4 of _SAML V2.0 Subject Identifier Attributes Profile Version 1.0_. It is defined to be "a unique external key specific to a particular relying party". Its syntax is identical to that of the *subject-id* described above. +*pairwise-id* An identifier that offers some protection against service provider to service provider identity correlation. *pairwise-id* is defined in section 3.4 of _SAML V2.0 Subject Identifier Attributes Profile Version 1.0_. It is defined to be "a unique external key specific to a particular relying party". Its syntax is identical to that of the *subject-id* described above, but not name-based. *IdP login id*: Identifier entered by a person when prompted to log in with their chosen Identity provider. Example id names: username, netId; Consider adopting the subject-id syntax rules above to prevent commonly-occurring issues with other id forms.