Own self-service
Yakov Revyakin
yrevyakin at gmail.com
Mon Jul 15 05:41:06 EDT 2019
Hi guys,
I have an identity store with information about users including different
attributes like a surname and email. The backend doesn't store any
credentials like a password. I need to provide SAML IdP for these users
with password authentication. I have no chance to change the identity store.
I would like to have in place the following flow:
- IdP shows the authentication form for a user. The user has no
credentials and can't go through authentication. The page provides an
ob-boarding link. The user provides his username and obtains confirmation
link on his mailbox. The user goes by the link and creates a password. When
a password is created the user can enter self-service and set a new
password. So, after password confirmation, the IdP is an owner of the user
credentials.
- When a password is created the user can go through authentication to
SP with username and password.
Q: Does Shibboleth IdP provide tools and means to implement registration
and self-service flow or I need to use different tools to develop that
functions? Could you direct me with relevant reading?
Thanks,
Jake
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190715/3ea8f12d/attachment.html>
More information about the users
mailing list