The following fields are always provided with a SAML 2.0 response from Signicat. They may be blank if the underlying ID method does not provide the information, but they are never omitted.
All response parameters have a NameFormat of urn:oasis:names:tc:SAML:2.0:attrname-format:basic.
|
Attribute Name
|
Example
|
Description
|
|---|---|---|
| national-identity | 05054512345 | National identification number. Never replaced by other variable; other unique identifiers go in the NameID field (see below). |
| national-identity-country | NO | Nationality of the person identified (ISO 3166-1 Alpha-2). |
| common-name | Doe, John | Name of the person identified as it appears in the response from the ID method. |
| given-name | John | First name of the person identified, after name splitting performed by Signicat. |
| surname | Doe | Last name of the person identified, after name splitting performed by Signicat. |
| john.doe@example.com | E-mail address as returned by the ID method. |
TUPAS responses will also contain the following:
|
Attribute Name
|
Example
|
Description
|
|---|---|---|
| tupas.bank.id | 200 | Number of the bank used to identify the person (see section 4.5 of the TUPAS Service Description in FKL’s technical documentation). |
| tupas.bank.name | Nordea | Friendly name of the bank used to identify the person. |
In addition, the NameID attribute of the Subject element will contain an unique identifier that is not necessarily the national ID number, and the NameQualifier of the NameIDattribute will be the friendly name of the ID method in question.