Skip to Content


Vinyl's authentication model is fundamentally claims-based. Authentication schemes, such as WS-Federation and SAML single sign-on (SSO) supply a set of claims about the user. Vinyl uses those claims to identify the user and update user attributes such as the user's email address. Even authentication schemes that are not inherently claims-based are treated as such by Vinyl.

Supported claims

Vinyl recognizes the following claims:

Name Description
Name ID The name identifier is an opaque, immutable value assigned to the user. It cannot be reassigned or reused.
Name The unique name of the user. Common values used for the name claim include user names, such as SAM account names, and email addresses.
E-mail Address The e-mail address of the user.
Display Name The user's preferred display name.
Full Name The user's full name. E.164 is the recommended format. RFC 3966 is recommended for extensions.
Phone Number The user's preferred phone number.
Group User group membership.

Either the Name ID or Name claim must be supplied. All other claims are optional.


Note that specific authentication providers may support additional claims.