Skip to content Skip to site navigation Skip to service navigation

SAML Privacy Policy

SAML Attribute Release Policy

For many SAML-enabled sites to allow a user to access protected materials, certain information about the user must be provided. Some sites need to know name, e-mail address, or a specific entitlement (Stanford handles entitlement through workgroup memberships). Some others merely want to know whether the user is Stanford faculty, staff, or student, and don’t depend upon the particular identity of the user in question — only that Stanford is willing to vouch for them. For sites using SAML on campus, attribute release policies are commensurate with the policies for sites using Stanford Authentication and Authorization (SAML or WebAuth).

Depending on the Service Provider, we release certain user attributes. For qualified Service Providers we release a standard set of attributes, per data owners' approval.

Online Privacy Policy

See the Stanford University Online Privacy Policy, updated in May 2018 to align with General Data Protection Regulation (GDPR) requirements. 

Contact Information

If you have questions about our Privacy Policy, we would like to hear from you. Submit a Help request with your questions.

Last modified April 14, 2023