Menu
▾
▴
Re: [Unity-idm-discuss] signaling 2FA usage
|
From: Sander A. <sa....@fz...> - 2022-03-03 13:30:36
|
Hi Krzysztof, On Thu, 2022-03-03 at 14:01 +0100, Krzysztof Benedyczak wrote: > Hi, > > W dniu 03.03.2022 o 11:12, Sander Apweiler pisze: > > Hi Krzysztof, > > sorry for extending the question, but it is related to this. Would > > it > > possible to signal this in the ACR claim in OIDC and section in > > SAML? > > This might be the best way for services to use this information. I > > do > > not expect that this will work in the next release. > > After the simple enhancement as discussed so far adding the acr claim > should not be a big problem in output profile. That sounds great. > > As for SAML subject confirmations (or any dedicated support for ACRs > in > OIDC) - that's broader topic. We even have some old ticket about this > in > SAML context. Surely we would need to discuss requirements here. This > is > pretty fuzzy subject as number of standards, specs, and approaches > used > is very wide, and it is hard to design a solution working well for > (at > least) all the major use cases. No worry. We can this information pass via an attribute. Best regards, Sander > > Best, > Krzysztof > -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
