Solicited and Unsolicited

Nate Klingenstein ndk at
Wed Apr 3 19:03:51 EDT 2019

> So in effect, they want to act as a login handler for your IdP.  You could in theory accomplish this if you were willing to write a mechanism in the application capable of itself securely exposing the user login session along with developing a Rube Goldberg MFA script and a few other things.

Actually, I suppose you could accomplish this by using an ordered list of login handlers, the first bouncing quickly off that mechanism built into their application, followed by Password should that fail.

I still wouldn't do this.

More information about the users mailing list