Update person-identifiers.adoc

khazelton · Apr 9, 2021 · 1c80398 · 1c80398
1 parent 8b5bd94
commit 1c80398
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/person-identifiers.adoc b/person-identifiers.adoc
@@ -19,9 +19,9 @@ Editor: {Editor}, {Email}
 
 identifier characteristics: Definitive statement for HE and Research: https://wiki.shibboleth.net/confluence/display/CONCEPT/NameIdentifiers
 
-. unique across the IdPs population Y/N
+==== Unique across the IdPs population Y/N?
 
-G does have its own internal-only identifier
+Google does have its own internal-only identifier
   identifier is a tuple, sourceID + personID from that source
   enter ePPN, or link in email for new ppl being added
   id to label person in system, but also identifiers for looking them up: email, name,....LoginID
@@ -42,9 +42,9 @@ mp: OID is permanent, not shared name is a name-based identifier (other could be
 - globally unique by inclusion of a scope element or domain identifier
 - mP can generate any other unique id and share with external systems
 
-. name-based or otherwise recognizable? Y/N
+==== name-based or otherwise recognizable? Y/N
 internal id: No
-. opaque (not name-based or otherwise recognizable) Y/N
+==== opaque (not name-based or otherwise recognizable) Y/N
 
 - permanent (changes are rare or non-existent)
 can be merged if necessary.
@@ -55,19 +55,19 @@ can be merged if necessary.
 - pairwise (formerly called targeted): A person has a different identifier for each service or resource provider with which they interact
 
 
-. What is the primary, wholly internal person identifier in your package?
+==== What is the primary, wholly internal person identifier in your package?
 
-COm: identifier modules to generate identifiers with the desired characteristics; 
+COmanage: identifier modules to generate identifiers with the desired characteristics; 
 
 KeithL: If you make a REST call: here's user, get the OID, use that in the actual REST call
 
-. What identifier(s) do you expose to other packages? Internal ID plus tuple source/identifier
+==== What identifier(s) do you expose to other packages? Internal ID plus tuple source/identifier
 generate anything you want, configurable; DO NOT USE OID; mP API is a case where you could use OID, 
 
 - Do you maintain a crosswalk between each external system identifier and your internal identifier?
  correlation rule: connector says how the id in system maps to id in mP; midPoint maintains link over subsequent change
 
-. How do you handle changes to name-based identifiers
+==== How do you handle changes to name-based identifiers
 -
 connectors can work w opaque: UID (used to link to the midPoint user, and another identifier, perhaps name based; mP can update the name identifier