Allowing OIS during enrollment currently creates additional OrgIdentity records attached to the main OrgIdentity created during enrollment. However, nothing can be done with the information gathered by these OIS records, except allowing login.
This use case is about using the information of the OIS records to pre-fill enrollment petitioner attributes, much like is currently possible by specifying the right environment variables. It would be convenient to use the OIS record to pre-fill name, email, O, OU, title and affiliation information.
Using environment variables for this to interface with, for example, SAML data that is injected by mod_mellon or shibboleth is insufficient. It runs into several problems, like:
- no support for displayName in COmanage and no way to split it from the environment
- multiple values possible for some attributes like affiliation
- different email types (preferred, home, official) are available in different variables, but only one is allowed as default field and that might not be available