SP registration APIs
liamr at umich.edu
Wed Aug 1 15:56:00 EDT 2018
> > OIDC with no trust (only web PKIX) and self-registration is probably
> > closest to what you have right now?
> Given that Liam has asked about OIDC before, that was my first thought
> as well, FWIW.
I think OIDC's dynamic registration might be the closest match to what's
going on in Cosign, and it /is/ supported by the GEANT OIDC provider.
Running an open SAML IDP or enabling OIDC dynamic registration creates a
similar problem that we're having with Cosign - we don't have a good idea
of who's using our service or how to get in touch with them.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users