Enforce MFA for federated IDPs
zunan.dong at utoronto.ca
Fri May 3 14:56:03 EDT 2019
https://refeds.org/profile/mfa is an AuthnContextClassRef inserted into SAML Req/Resp. Is there any entity category that ensures a particular IDP supports this Authn Context?
I have found a final report of "Multi-Factor Authentication Inter-operability". It seems like whether to create an entity category for MFA in InCommon is still on pending. Do you have a conclusion for that?
Authentication Systems Specialist
Information Technology Service
University of Toronto
From: users <users-bounces at shibboleth.net> on behalf of Scott Koranda <skoranda at gmail.com>
Sent: Thursday, 25 April 2019 10:41:27 AM
To: Shib Users
Cc: Jin Fang
Subject: Re: Enforce MFA for federated IDPs
> We have an SP requires MFA for internal users(authenticate against our
> internal IDP). Now we want users from other universities/institutions to
> use this SP through federated IDPs. How do we enforce MFA for those
> IDP/users? Is there a standard that helps the collaboration between SPs
> and IDPs on MFA enforcement(like R&S, SIRTFI)?
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users