Identity and Access Management
Identity Data Elements
All official attributes used in the creation and management of a digital identity.
What is a data element?
Data elements are the fields, columns, attributes, etc. used to capture and store data for information systems.
What identity data elements exist?
- Academic PPD
Grouping: Academic
Description: Concatenated value containing the plan, program, and degree information of a student
Sample Value: [{"career":"UGRD","plan_type":"MAJ","plan":"Information Systems BS","program":"Applied Sci & Tech Undergrad","degree":"BS","descr":"Bachelor of Science","acad_title":"Senior"}]
Attribute Name:
- CS: n/a
- Midpoint: extension/isuAcademicPPD
- AD: ISU Academic PPD
- LDAP: ISU Academic PPD
Restriction Level: Unrestricted
Owner: Registrar
- Academic Status
Grouping: Academic
Description: Current Student, Past Student, Future Student (single-valued)
Sample Value: Active in Program
Attribute Name:
- CS: "PS_ACAD_PROG.PROG_STATUS, lookup to PSXLATITEM.XLATLONGNAME" (Char 30 Mixed)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Highly Restricted
Owner: Registrar
- Academic Term Attending
Grouping: Academic
Description: Numeric code for the term for which a student is present
Sample Value: Spr 2017 (Short Description) or Spring Semester 2017 (Long Description)
Attribute Name:
- CS: PS_STDNT_CAR_TERM.STRM (Char 10 Mixed (Short Description)) lookup to PS_TERM_TBL for DESCR (Char 30 Mixed (Long Description))
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Highly Restricted
Owner: Registrar
- Account Alumni UID
Grouping: Person
Description: Primary Account Key - Agilon One (Derived from UID)
Sample Value: CBYLNZBLN
Attribute Name:
- CS: n/a
- Midpoint:
- AD: n/a
- LDAP: ISUalumniId
Restriction Level: Highly Restricted
Owner: Registrar
- Account Lock Flag
Grouping: Person
Description: Flag for the user's account being locked
Sample Value: 1
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: UserAccountControl
- LDAP: nsAccountLock
Restriction Level: Highly Restricted
Owner: Office of Identity and Access Management
- Account Password
Grouping: Person
Description: User-set Primary Password
Sample Value: NeverUsePassword!
Attribute Name:
- CS: n/a
- Midpoint: credentials/password/value
- AD: [Password]
- LDAP: userPassword
Restriction Level: Highly Restricted
Owner: Office of Identity and Access Management
- Account Sponsor
Grouping: Person
Description: Email address of the account sponsor for a sponsored account. Must be an ISU employee.
Sample Value: rredbird@ilstu.edu
Attribute Name:
- CS: n/a
- Midpoint: extension/accountSponsor
- AD: n/a
- LDAP: ISUguestSponsor
Restriction Level: Unrestricted
Owner: Office of Identity and Access Mangement
- Birthdate
Grouping: Person
Description: On-file Birthdate of the user
Sample Value: 18570218
Attribute Name:
- CS: PS_PERSON.BIRTHDATE (Date 10)
- Midpoint:
- AD: n/a
- LDAP: ISUbirthday
Restriction Level: Highly Restricted
Owner: Human Resources (Employee), Registrar (Student)
- Business Address - Building and Room
Business Address - Building and Room
Grouping: Person
Description: Building and room information of business location
Sample Value: SCH Schroeder Hall
Attribute Name:
- CS: PS_ADDRESSES.ADDRESS2 (TYPE=BUSN) (Char 55 Mixed)
- Midpoint: n/a
- AD: ISUBusinessAddressBuildingRoom
- LDAP: ISUBusinessAddressBuildingRoom
Restriction Level: Unrestricted
Owner: Human Resources
- Business Address - City
Grouping: Person
Description: Business location city
Sample Value: Normal
Attribute Name:
- CS: PS_ADDRESSES.CITY (TYPE=BUSN) (Char 30 Mixed)
- Midpoint: extension/workCity
- AD: l
- LDAP: ISUBusinessAddressCity
Restriction Level: Unrestricted
Owner: Human Resources
- Business Address - Country
Grouping: Person
Description: Business location country
Sample Value: USA
Attribute Name:
- CS: PS_ADDRESSES.COUNTRY (TYPE=BUSN) (Char 3 Upper)
- Midpoint: n/a
- AD: c
- LDAP: ISUBusinessAddressCountry
Restriction Level: Unrestricted
Owner: Human Resources
- Business Address - Line 1
Grouping: Person
Description: Department portion of the full business address of an employee
Sample Value: 3380 Ofc Technology Solutions
Attribute Name:
- CS: PS_ADDRESSES.ADDRESS1 (EFD - TYPE=BUSN) (Char 55 Mixed)
- Midpoint: extension/workAddressLine1
- AD: ISUBusinessAddressLine1
- LDAP: ISUBusinessAddressLine1
Restriction Level: Unrestricted
Owner: Human Resources
- Business Address - Line 2
Grouping: Person
Description: Building and room number portion of the full business address of an employee
Sample Value: SCH Schroeder Hall 001
Attribute Name:
- CS: PS_ADDRESSES.ADDRESS2 (TYPE=BUSN) (Char 55 Mixed)
- Midpoint: extension/workAddressLine2
- AD: ISUBusinessAddressLine2
- LDAP: ISUBusinessAddressLine2
Restriction Level: Unrestricted
Owner: Human Resources
- Business Address - State
Grouping: Person
Description: Business location state
Sample Value: IL
Attribute Name:
- CS: PS_ADDRESSES.STATE (TYPE=BUSN) (Char 6 Upper)
- Midpoint: extension/workState
- AD: st
- LDAP: ISUBusinessAddressState
Restriction Level: Unrestricted
Owner: Human Resources
- Building Address - Zip
Grouping: Person
Description: Business location postal code
Sample Value: 61790 3060
Attribute Name:
- CS: PS_ADDRESSES.POSTAL (TYPE=BUSN) (Char 12 Custom)
- Midpoint: extension/workZip
- AD: postalCode
- LDAP: ISUBusinessAddressZip
Restriction Level: Unrestricted
Owner: Human Resources
- Business Phone Number
Grouping: Person
Description: ISU-Provided Phone Number
Sample Value: (309) 438-4357
Attribute Name:
- CS: PS_PERSONAL_PHONE.PHONE (TYPE = BUSN) (Char 24 Custom XXX/XXX-XXXX)
- Midpoint: extension/workPhone
- AD: telephoneNumber, iPphone
- LDAP: telephoneNumber
Restriction Level: Unrestricted
Owner: Human Resources
- Campus (Business) Email Address
Campus (Business) Email Address
Grouping: Person
Description: Internal Contact Email - Provided by ISU
Sample Value: rredbird@ilstu.edu
Attribute Name:
- CS: PS_EMAIL_ADDRESSES.EMAIL_ADDR (TYPE = CAMP) (Char 70 Mixed)
- Midpoint: emailAddress
- AD: mail
- LDAP: mail
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Concatenated Business Address
Grouping: Person
Description: All individual address parts combined into a concatenated address
Sample Value: 3380 Administrative Technologies . $ JH Julian Hall 104 $ Normal $ IL $ 61790-3380
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: postalAddress, streetAddress, physicaldeliveryofficename
- LDAP: postalAddress
Restriction Level: Unrestricted
Owner: Human Resources
- Directory Suppress Flag
Grouping: Person
Description: Flag indicating directories should suppress display of account. For example, for reasons of FERPA suppression election by student.
Sample Value: 1 (yes… suppress) or 0
Attribute Name:
- CS: PS_PERSON_SA.FERPA (Char 1)
- Midpoint: extension/ferpaSuppress
- AD: ISUSuppress
- LDAP: ISUSuppress
Restriction Level: Highly Restricted
Owner: Registrar
- Display Name
Grouping: Person
Description: Full name in a one-line summary list (PREFERRED LAST, PREFERRED FIRST)
Sample Value: Redbirddie, Reggie
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: displayName
- LDAP: cn
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Distinguished Name
Grouping: Person
Description: Full path name of a directory entry (not a managed attribute)
Sample Value: CN=rredbird,OU=People,DC=ad,DC=ilstu,DC=edu
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: distinguishedname
- LDAP: dn
Restriction Level: Unrestricted
Owner: Office of Identity and Access Management
- eduPerson Primary Affiliation
Grouping: Affiliation
Description: Single-valued expression of a person's primary affiliation with the University (business logic is applied and meets the requirements of the Internet2 eduPerson Object Class Specification)
Sample Value: student
Attribute Name:
- CS: n/a
- Midpoint: extension/eduPersonPrimaryAffiliation
- AD: eduPersonPrimaryAffiliation
- LDAP: eduPersonPrimaryAffiliation
Restriction Level: Unrestricted
Owner: Office of Identity and Access Management
- Electronic Signature
Grouping: Person
Description: Flag to capture whether user has opted-in to use electronic signature
Sample Value: Y or N
Attribute Name:
- CS: ISU_E_CONSENT.ISU_E_CONSENT (Char 1)
- Midpoint: extension/esigConsent
- AD: n/a
- LDAP: ISUelectronicSignature
Restriction Level: Restricted
Owner: Office of Identity and Access Management
- EmplID
Grouping: Person
Description: PeopleSoft employee identification number
Sample Value: 1000100100
Attribute Name:
- CS: PS_PERSON.EMPLID
- Midpoint: extension/emplID
- AD: n/a
- LDAP: ISUemplid
Restriction Level: Restricted
Owner: Peoplesoft Application Administrators
- Employee Primary Department Name
Employee Primary Department Name
Grouping: Employment
Description: Mail Code and Department Name (manually typed in HCM by HR on effective date of change); Note: A group will exist in the directory for each department. This was added per a request from WEB to be able to know what departments (multi-valued) a person belongs to. It was determined by the technical team, and agreed to by WEB, that one group per department would be an acceptable solution.
Sample Value: 6120 International Studies
Attribute Name:
- CS: n/a
- Midpoint: extension/departmentName
- AD: department
- LDAP: ou
Restriction Level: Unrestricted
Owner: Human Resources
- Employee Primary Manager
Grouping: Employment
Description: ULID of the Employee's supervisor
Sample Value: RREDBIRD
Attribute Name:
- CS: n/a
- Midpoint: extension/managerUsername
- AD: manager
- LDAP: ISUSupervisor
Restriction Level: Unrestricted
Owner: Human Resources
- Employee Primary Title
Grouping: Employment
Description: Employee's primary job title (derived from position number); This is separate from 'title' and 'academictitle' attributes
Sample Value: IT Tech Assoc
Attribute Name:
- CS: n/a
- Midpoint: extension/employeeTitle
- AD: ISUemployeeTitle
- LDAP: ISUemployeeTitle
Restriction Level: Unrestricted
Owner: Human Resources
- Extension Attribute 1
Grouping: Person
Description: Account type
Sample Value: ulid
Attribute Name:
- CS: n/a
- Midpoint: extension/ext1Override
- AD: extensionAttribute1
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Office of Identity and Access Management
- Extension Attribute 2
Grouping: Employment
Description: Username of the Employee's supervisor
Sample Value: RRBIRD
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: extensionAttribute2
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources
- Extension Attribute 5
Grouping: Person
Description: Microsoft 365 License Tag
Sample Value: O365-Stu
Attribute Name:
- CS: n/a
- Midpoint: extension/ext5Override
- AD: extensionAttribute5
- LDAP: n/a
Restriction Level: Restricted
Owner: Unified Communications
- General Title
Grouping: Person
Description: A person's 'title' that correlates with their primary affiliation with ISU
Sample Value: Junior
Attribute Name:
- CS: n/a
- Midpoint: title
- AD: title
- LDAP: title
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Address - City
Grouping: Person
Description: On-file Home Address of a user
Sample Value: Normal
Attribute Name:
- CS: PS_ADDRESSES.CITY (TYPE=HOME) (Char 30 Mixed)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Address - Country
Grouping: Person
Description: On-file home address country of a user
Sample Value: USA
Attribute Name:
- CS: PS_ADDRESSES.COUNTRY (TYPE=HOME) (Char 3 Upper)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Address - Line1
Grouping: Person
Description: On-file home street address of a user
Sample Value: 100 N University St
Attribute Name:
- CS: PS_ADDRESSES.ADDRESS1 (TYPE=HOME) (Char 55 Mixed)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Address - Line2
Grouping: Person
Description: On-file home apartment number of a user
Sample Value: Apt 151
Attribute Name:
- CS: PS_ADDRESSES.ADDRESS2 (TYPE=HOME) (Char 55 Mixed)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Address - State
Grouping: Person
Description: On-file Home Address of a user
Sample Value: IL
Attribute Name:
- CS: PS_ADDRESSES.STATE (TYPE=HOME) (Char 6 Upper)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Address - Zip
Grouping: Person
Description: On-file postal code of a user
Sample Value: 61761-1212
Attribute Name:
- CS: PS_ADDRESSES.POSTAL (TYPE=HOME) (Char 12 Custom XXXXX-XXXX)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Home Phone Number
Grouping: Person
Description: Primary personal contact phone number
Sample Value: (309) 555-1212
Attribute Name:
- CS: PS_PERSONAL_PHONE.PHONE (TYPE = HOME) (Char 24 Custom XXX/XXX-XXXX)
- Midpoint: n/a
- AD: n/a
- LDAP: n/a
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Initials
Grouping: Person
Description: Contains the initials for parts of the user's full name; Concatenation: First letter of preferred first name, first letter of middle name, first letter of preferred last name. If preferred names are not available, then default to first letter of legal first/last name. If no middle name is available, then concatenate first/last initials only.
Sample Value: RTR
Attribute Name:
- CS: n/a
- Midpoint: extension/initials
- AD: initials
- LDAP: initials
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- isuPrimaryAffiliation
Grouping: Affiliation
Description: Single-valued expression of a person's primary affiliation with the University (business logic is applied, and is based on logic determined by HR and Registrar)
Sample Value: AFL_CIVIL_SERVICE
Attribute Name:
- CS: n/a
- Midpoint: extension/isuPersonPrimaryAffiliation
- AD: iSUPersonPrimaryAffiliation
- LDAP: ISUPrimaryAffiliation
Restriction Level: Unrestricted
Owner: Office of Identity and Access Management
- Legal First Name
Grouping: Person
Description: US or Illinois Recognized First Name
Sample Value: Reginald
Attribute Name:
- CS: PS_NAMES.FIRST_NAME (TYPE = PRI) (Char 30 Mixed)
- Midpoint: givenName
- AD: ISUPersonLegalFirstName
- LDAP: ISUPersonLegalFirstName
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Legal Last Name
Grouping: Person
Description: US or Illinois Recognized Last Name
Sample Value: Redbird
Attribute Name:
- CS: PS_NAMES.LAST_NAME (TYPE = PRI) (Char 30 Mixed)
- Midpoint: familyName
- AD: ISUPersonLegalLastName
- LDAP: ISUPersonLegalLast
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- MFA Date
Grouping: Person
Description: Date user was enrolled in MFA through account self service
Sample Value: 20190904
Attribute Name:
- CS: n/a
- Midpoint: extension/mfaDate
- AD: n/a
- LDAP: n/a
Restriction Level: Highly Restricted
Owner: Office of Identity and Access Management
- MFA Eligible
Grouping: Person
Description: Enables user to enroll in MFA via account self service
Sample Value: Y or N
Attribute Name:
- CS: n/a
- Midpoint: extension/mfaEligible
- AD: n/a
- LDAP: n/a
Restriction Level: Highly Restricted
Owner: Office of Identity and Access Management
- MFA Status
Grouping: Person
Description: Indicates whether a user is enrolled in MFA. Populates the INT_MFA_STATUS role -> triggers INT_MFA_STATUS access policy -> puts the users into the AD Group AT_O365MFAEnforced
Sample Value: Y or N
Attribute Name:
- CS: n/a
- Midpoint: extension/mfaStatus
- AD: n/a
- LDAP: n/a
Restriction Level: Highly Restricted
Owner: Office of Identity and Access Management
- Middle Name
Grouping: Person
Description: US or Illinois Recognized Middle Name
Sample Value: Terry
Attribute Name:
- CS: n/a
- Midpoint: extension/middleName
- AD: middleName
- LDAP: ISUmiddlename
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Password Change Date
Grouping: Person
Description: Date of last password change
Sample Value: 2017-04-27T14:25:19.570
Attribute Name:
- CS: n/a
- Midpoint: extension/pwdChangeDate
- AD: passwordlastset
- LDAP: ISUpasswordChangeDate
Restriction Level: Restricted
Owner: Office of Identity and Access Management
- Password Expiration Date
Grouping: Person
Description: Date of next password expiration
Sample Value: 2017-10-24T14:25:18.906
Attribute Name:
- CS: n/a
- Midpoint: extension/pwdExpireDate
- AD: n/a
- LDAP: ISUpasswordExpirationDate
Restriction Level: Restricted
Owner: Office of Identity and Access Management
- PeopleSearch Disable Flag
Grouping: Person
Description: Flag that is used to disable accounts (typically service accounts) from being shown in People Search/Finder. This is currently being done manually.
Sample Value: n/a
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: n/a
- LDAP: ISUPeopleSearchDisabled
Restriction Level: Restricted
Owner: Office of Identity and Access Management
- Personal Email Address (3rd Party Email)
Personal Email Address (3rd Party Email)
Grouping: Person
Description: External Contact Email used for Verification
Sample Value: rredbird@gmail.com
Attribute Name:
- CS: PS_EMAIL_ADDRESSES.EMAIL_ADDR (TYPE = PERS) (Char 70 Mixed)
- Midpoint:
- AD: n/a
- LDAP: n/a
Restriction Level: Highly Restricted
Owner: Human Resources (Employee), Registrar (Student)
- Preferred First Name
Grouping: Person
Description: ISU-approved preferred First Name (defaults to legal first if no preferred specified)
Sample Value: Reggie
Attribute Name:
- CS: PS_NAMES.FIRST_NAME (TYPE = PRF) (Char 30 Mixed)
- Midpoint: extension/preferredFirstName
- AD: givenName
- LDAP: givenName
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Preferred Last Name
Grouping: Person
Description: ISU-approved preferred Last Name (not available via self-service). Defaults to legal last name if no preferred name specified.
Sample Value: Redbirddie
Attribute Name:
- CS: PS_NAMES.LAST_NAME (TYPE = PRF) (Char 30 Mixed)
- Midpoint: extension/preferredLastName
- AD: sn
- LDAP: sn
Restriction Level: Unrestricted
Owner: Human Resources (Employee), Registrar (Student)
- Primary Academic Title (Academic Standing)
Primary Academic Title (Academic Standing)
Grouping: Academic
Description: Academic level (example: freshman); This is separate from 'title' and 'employee title attributes
Sample Value: Junior
Attribute Name:
- CS: PS_STDNT_CAR_TERM.ACAD_LEVEL_BOT (will need to decode)
- Midpoint: extension/academicTitle
- AD: ISUacademicTitle
- LDAP: ISUacademicTitle
Restriction Level: Unrestricted
Owner: Registrar
- sambaSID
Grouping: Person
Description: Primary Account Key - Samba Shares (Derived from UID)
Sample Value: 25930
Attribute Name:
- CS: n/a
- Midpoint: n/a
- AD: n/a
- LDAP: sambaSID
Restriction Level: Restricted
Owner: CCA
- Univerity Logon Identifier (ULID)
Univerity Logon Identifier (ULID)
Grouping: Person
Description: Account Named used to log into University Services
Sample Value: RREDBIRD
Attribute Name:
- CS: PSOPRDEFN.OPRID (Char 30 Mixed)
- Midpoint: name
- AD: sAMAccountName
- LDAP: uid
Restriction Level: Unrestricted
Owner: Office of Identity and Access Management
- University Identification Number (UID)
University Identification Number (UID)
Grouping: Person
Description: Primary Account Key - HCM System
Sample Value: 800010020
Attribute Name:
- CS: PS_PERSON_SA.CAMPUS_ID (Char 16 Upper)
- Midpoint: extension/uidNumber
- AD: n/a
- LDAP: employeeNumber
Restriction Level: Restricted
Owner: Peoplesoft Application Administrators
Title | Description | Sample Value |
---|---|---|
Master Survey Flag (depreciated) | User-set flag to control Opt-in or Opt-out of Surveys | Y or N |