When a user downloads a connection profile from the eduroam managed IdP, they are authenticated through a connected IdP. This IdP may be any SAML 2.0 compliant IdP, such as Microsoft Entra ID.
The organisation can also use any existing IdP that it has already registered in the Tuakiri identity federation, so organisations do not need to create a separate IdP to use the eduroam managed IdP.
User ID Attribute
The value of the user ID attribute is how the eduroam managed IdP refers to users, and it is shown to users whenever they are asked to confirm their identities.
For example, for an IdP registered in Tuakiri, this could be an attribute such as samlSubjectId or eduPersonPrincipalName. For a Microsoft Entra ID instance, the name claim could be used.
IdP Metadata XML file
This is only required for an IdP that is not currently registered in the Tuakiri identity federation.
The metadata XML file defines the authentication sources for the configured IdP and can be provided by that IdP. The eduroam managed IdP keeps a copy of this file.