Own self-service

Yakov Revyakin yrevyakin at gmail.com
Mon Jul 15 05:41:06 EDT 2019

Hi guys,
I have an identity store with information about users including different
attributes like a surname and email. The backend doesn't store any
credentials like a password. I need to provide SAML IdP for these users
with password authentication. I have no chance to change the identity store.
I would like to have in place the following flow:

   - IdP shows the authentication form for a user. The user has no
   credentials and can't go through authentication. The page provides an
   ob-boarding link. The user provides his username and obtains confirmation
   link on his mailbox. The user goes by the link and creates a password. When
   a password is created the user can enter self-service and set a new
   password. So, after password confirmation, the IdP is an owner of the user
   - When a password is created the user can go through authentication to
   SP with username and password.

Q: Does Shibboleth IdP provide tools and means to implement registration
and self-service flow or I need to use different tools to develop that
functions?  Could you direct me with relevant reading?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190715/3ea8f12d/attachment.html>

More information about the users mailing list