Android Application Question

Tom Scavo trscavo at
Wed Jan 4 15:17:44 EST 2017

On Wed, Jan 4, 2017 at 2:58 PM, Cantor, Scott <cantor.2 at> wrote:
> On 1/4/17, 2:47 PM, "users on behalf of Marc Boorshtein" <users-bounces at on behalf of mboorshtein at> wrote:
>>  To do that with SAML I would guess to use the Artifact profile (which is basically all OpenID Connect code_token is) and
>> tell the IdP to redirect to your app's URL and then have your app use the artifact to make a SOAP call and get the
>> assertion.
> IdPs don't support artifact much in practice, so not really a practical option at this point, at least not for the Shibboleth case. If we needed to start moving in that direction, there are significant changes we'd have to push on, such as defining a new artifact format (which only Shibboleth would end up supporting).

Wouldn't it be better all the way around if the Shibboleth IdP just
supported OIDC?


More information about the users mailing list