Support eduPersonPrincipalName (ePPN) as an unique identifier for Single Sign On integration
K
Kathy Chen
We use ePPN as the unique identifier because a person's ePPN remains the same regardless of any changes to the person; it is unique and persistent. Email address is not ideal because it changes frequently as people move to different jobs across the campus, change their names, etc. Also, for student workers, they may have several email addresses (e.g. official school email, work email, preferred contact email) and the email address for Single Sign On may not the one for notifications related to SmartSuite tasks. It'll be helpful to have another field in SmartSuite for users to specify in their preferred email address to get notifications from the system, separate from the identifier for SSO.
K
Kathy Chen
Hello Jon Darbyshire! Please refer to my responses below:
- What specific systems or platforms are you currently using for Single Sign On that require ePPN as the unique identifier? [KC]: We are using Shibboleth.
- How do you envision the process for users to specify their preferred email address for notifications? [KC]: Ideally users can specify their preferred email address as part of their profile. ePPN would only exist behind the scenes and maintained by admin (to prevent users from accidentally changing it)
- Are there any specific security or privacy considerations we should be aware of when implementing ePPN as the unique identifier? [KC]: I checked with our technical team and confirmed there aren't any security or privacy concerns when using ePPN.
Please let me know if any other questions or information is needed for your review. Thank you for the consideration!
Jon Darbyshire
Hey Kathy Chen, thanks for your feedback! I have a few more questions for you:
- What specific systems or platforms are you currently using for Single Sign On that require ePPN as the unique identifier?
- How do you envision the process for users to specify their preferred email address for notifications?
- Are there any specific security or privacy considerations we should be aware of when implementing ePPN as the unique identifier?