Solicited and Unsolicited
Nate Klingenstein
ndk at signet.id
Wed Apr 3 19:03:51 EDT 2019
> So in effect, they want to act as a login handler for your IdP. You could in theory accomplish this if you were willing to write a mechanism in the application capable of itself securely exposing the user login session along with developing a Rube Goldberg MFA script and a few other things.
Actually, I suppose you could accomplish this by using an ordered list of login handlers, the first bouncing quickly off that mechanism built into their application, followed by Password should that fail.
I still wouldn't do this.
More information about the users
mailing list