Supported Authentication Attributes

One of the following attribute sets may be selected in DSA Manager.

Toggle Item
Default
IAM ID
The IAM ID uniquely identifies the authenticated account in the authorization system. You may use this identifier to correlate records in your application and to request domain-specific identifiers from other systems. You MUST NOT use this identifier as the primary key in your application.
Toggle Item
Okta Migration (Only available through June 2027)
IAM ID (see: Default)
BYU ID
NetID
Worker ID
Username (NetID Scoped)
Display Name
Toggle Item
Custom (Vendor)
IAM ID (see: Default)
BYU ID
NetID
Worker ID
Display Name
Username (NetID Scoped)
BYU Internal Email
Personal Email
Student Given name
Student Middle Name
Student Surname
Student Preferred Given Name
Student Preferred Surname
Worker Given Name
Worker Middle Name
Worker Surname
Worker Preferred Given Name
Worker Preferred Surname
Toggle Item
InCommon (Only available for vendor integrations)
eduPersonPrincipalName (Net ID)
mail (BYU Internal Email)
sn (surname)
givenName (first name)
eduPersonScopedAffiliation - permissible values: faculty, student, staff, alum, member, affiliate, employee, library-walk-in

The set of authentication attributes supported by Okta is smaller than the set formerly supported by CAS. Applications that need other data should retrieve that information from the system of record.