Skip to main content Skip to navigation

Attributes

The following is a complete list of attributes that can be returned by SSOv2 and SSOv3. There are notes against each one explaining their usage and availability. What the SSO versions really mean here is if the attribute is available from the old SSOv2 plain text interfaces or from the attributes you'd get from the User object in SSOv3. Although there is some inconsistency between attributes, the reality is that you will most likely be accessing these attributes through proper accessor methods on the User object, so the attribute names don't matter. However, you can always get at the extended original attributes through the User.getExtraProperties() method.

Attribute name Example values SSO version Notes
firstname Joe SSOv2  
id 9900001 SSOv2 University number
lastname Bloggs SSOv2  
member true, false SSOv2 Basically just if user is staff or student or not
returnType 1, 2, 3, 4, 51, 52, 53, 54 SSOv2 Status codes for the old SSOv2 plain text interfaces
staff true, false SSOv2, SSOv3  
urn:mace:dir:attribute-def:eduPersonAffiliation member, affiliate, alum SSOv2, SSOv3 Same as urn:mace:dir:attribute- def:eduPersonScopedAffiliation but without scoping
dept Information Technology Services, Chemistry SSOv2 University department this user belongs to
deptcode IN, CH SSOv2 Code for University department
deptshort
CELTE, IT Services
SSOv2, SSOv3 Shorter department name, if one exists
email joe.bloggs@warwick.ac.uk SSOv2  
warwickattendancemode 1, F, P, YM, YO, SF, EP, EF SSOv2, SSOv3 F full time; P part time; YM mandatory year out; YO optional year out; SF short course full time; EP extension was part time; EF extension was full time.
student true, false SSOv2, SSOv3  
name Joe Bloggs SSOv2 Full name, combining first and last names
urn:mace:dir:attribute-def:eduPersonTargetedID 1onogpy7jb3wc968ehsdzasdfa1 SSOv2, SSOv3 Used to uniquely identifier a user on a per service basis
token wfnoxvndbkdyplbisciyvhnwjwjkuxrasctudvto SSOv2 Unique login token, only issued on requestType=2
valid 43200 SSOv2 How long the above token is valid for in seconds
urn:websignon:ipaddress 137.205.255.255 SSOv2, SSOv3 The IP address from which the user logged in. This can be used for security checking. However the ip address could well in fact be the ip address of the server that was logging a user in, for instance SiteBuilder. Once everyone logs into the new SSOv3 login screen, this will be more reliable
urn:websignon:loggedin true, false SSOv3  
ou see dept SSOv3 see dept
mail see email SSOv3 see mail
warwickuniid see id SSOv3 see id
urn:websignon:proxygrantingticket qomldbhjqsduiqkfnlggnxwdgqpnkytxuwtnffyox SSOv3 Used for creating proxy tickets
sn see lastname SSOv3 see lastname
urn:websignon:ssc oggajxxpkpixjnvambyohulvaballnveqbhdkbgho SSOv3 To be used by individual services to set their Service Specific Cookie (SSC)
dn cn=joeblogs,ou=CU,o=Warwick SSOv3 Unique LDAP address, only when user is from LDAP
cn see user SSOv3 see user
warwickdeptcode see deptcode SSOv3 see deptcode
givenName see firstname SSOv3 see firstname
warwickyearofstudy 1, 2, 3, 4 SSOv2, SSOv3 If the user is a student, which year they are in
warwickfinalyear Y, N SSOv2, SSOv3 Is the student in their final year?
warwickcategory U, T, R, F SSOv2, SSOv3 U undergraduate; T taught postgraduate; R research postgraduate; F foundation
warwickcoursecode GV17, C700 SSOv2, SSOv3 This is the 4-character route code eg C700 biochemistry. There are 1466 such codes
warwickenrolementstatus F, P, 1, 2, M, G, R, E, T, Y, L SSOv2, SSOv3 F fully registered; P permanently withdrawn; 1 expected to enrol; 2 expected to re-enrol; M mandatory year abraod; G resitting without residence; R restrating next year; E in extension; T temporarily withdrawn; Y reciprocal exchange year; L limbo
logindisabled true, false SSOv2, SSOv3 Is this user actually able to login. You will be able to get details of this account, but the user will not be able to login because it has expired, been disabled or similar.
urn:websignon:usersource WarwickNDS, WBSAlumni, WarwickExtUsers, WarwickGradAssoc SSOv2, SSOv3 Newly added with release of SSOv3, but available in SSOv2 interfaces as well
urn:mace:dir:attribute-def:eduPersonScopedAffiliation member@warwick.ac.uk, affiliate@warwick.ac.uk, alum@warwick.ac.uk SSOv2, SSOv3 Basically signifies where the user came from. A member@warwick.ac.uk is a true Warwick person, but affiliate and alum are not full members, probably from a different user source
user cusyac, testuser SSOv2, SSOv3 The user code of this user
warwickstatuscode C, P, PD SSOv2, SSOv3 C (Current); P(permanently withdrawn); PD (permanently withdrawn in debt)