Overview


The eduPersonOrcid attribute has recently been defined in the eduPersonschema (2016/02). The OID for eduPersonOrcid is 1.3.6.1.4.1.5923.1.1.1.16. 


Description
ORCID iDs are persistent digital identifiers for individual researchers. Their primary purpose is to unambiguously and definitively link them with their scholarly work products. ORCID iDs are assigned, managed and maintained by the ORCID organization. Values MUST be valid ORCID identifiers in the ORCID-preferred URL representation. Each value represents an ORCID identifier registered with ORCID.org as belonging to the principal.


Format
The ORCID iD is a URI with a 16-digit number that is compatible with the ISO Standard (ISO 27729), also known as the International Standard Name Identifier (ISNI). Initially ORCID iDs will be randomly assigned by the ORCID Registry from a block of numbers that will not conflict with ISNI-formatted numbers assigned in other ways. ORCID iDs always need all 16-digits; they can not be shortened to remove leading zeros if they exist.

Below are some example ORCID iDs expressed in the proper format.

http://orcid.org/0000-0002-1825-0097
http://orcid.org/0000-0001-5109-3700
http://orcid.org/0000-0002-1694-233X

 

For organisations running IdP version 3 who wish to make this attribute available to federation services,


1. Add the attribute definition to your LDAP or Active Directory server and populate with user's ORCIDs 

 

2. Add the following AttributeDefinition to your attribute-resolver.xml
<resolver:AttributeDefinition id="eduPersonOrcid" xsi:type="ad:Simple" sourceAttributeID="eduPersonOrcid">
<resolver:Dependency ref="ldap" />
<resolver:AttributeEncoder xsi:type="enc:SAML1String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" />
<resolver:AttributeEncoder xsi:type="enc:SAML2String" name="urn:oid:1.3.6.1.4.1.5923.1.1.1.16" friendlyName="eduPersonOrcid"/>
</resolver:AttributeDefinition>


3. Add the follow attribute definition to metadata-based-attribute-filter.xml
<AttributeRule attributeID="eduPersonOrcid">
<PermitValueRule xsi:type="OR">
<Rule xsi:type="AttributeInMetadata"
onlyIfRequired="false"/>
<Rule xsi:type="AttributeInMetadata"
attributeName="urn:oid:1.3.6.1.4.1.5923.1.1.1.16"
onlyIfRequired="false"/>
</PermitValueRule>
</AttributeRule>


4. Add  eduPersonOrcid to the list of attributes that are assigned to idp.consent.attributeOrder=... in the idp.properties file.



5.  In the Federation Registry add eduPersonOrcid as an attribute that your IdP is willing to release. This will modify the attribute-filter.xml generated by FR for your IdP. 

To add "eduPersonOrcid" attribute to the IdP in the FR,

1) Login to the AAF Federation Registry

2) Select your Identity Provider

3) Select SAML tab and then select the Attribute sub-tab

4) Scroll down the bottom of the page, click Add Attribute

5) Select eduPersonOrcid from the optional list , click "Add" button to add the attribute



For more information see

 https://www.switch.ch/aai/support/documents/attributes/edupersonorcid/index.html