Android Application Question

Tom Scavo trscavo at gmail.com
Wed Jan 4 15:17:44 EST 2017


On Wed, Jan 4, 2017 at 2:58 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 1/4/17, 2:47 PM, "users on behalf of Marc Boorshtein" <users-bounces at shibboleth.net on behalf of mboorshtein at gmail.com> wrote:
>
>>  To do that with SAML I would guess to use the Artifact profile (which is basically all OpenID Connect code_token is) and
>> tell the IdP to redirect to your app's URL and then have your app use the artifact to make a SOAP call and get the
>> assertion.
>
> IdPs don't support artifact much in practice, so not really a practical option at this point, at least not for the Shibboleth case. If we needed to start moving in that direction, there are significant changes we'd have to push on, such as defining a new artifact format (which only Shibboleth would end up supporting).

Wouldn't it be better all the way around if the Shibboleth IdP just
supported OIDC?

Tom


More information about the users mailing list