IAM David Bantz
dabantz at alaska.edu
Mon Aug 30 18:57:04 UTC 2021
Ironically, this is was the 3rd instance of a CircleIn relying party in my
IdP. The previous 2 use a hosting service and happily consume persistent
employeeNumber and/or eduPersonUniqueId (name-based UID is not guaranteed
persistent, so I always urge use of the ID# and/or ePUID).
This 3rd instance was relying on their newer in-house SAML Service. Before
we got too far into attribute consumption however, CircleIn abandoned
attempts to use their internal SAML service because they were unable to
provide a digitally signed request that my Shibboleth IdP would accept. So
we’re back to them relying on hosting service and consuming persistent
On 30Aug, 2021 at 10:33:30, Leonard J. Peirce <leonard.peirce at wmich.edu>
> On 2021-08-23 3:11 p.m., Cantor, Scott wrote:
> On 8/23/21, 2:48 PM, "users on behalf of IAM David Bantz" <
> users-bounces at shibboleth.net on behalf of dabantz at alaska.edu> wrote:
> > A newly licensed vended service Is requesting I release “sis_login_id”
> attribute. Is this more than a blinkered
> > “We’ll make it up as we go along” integration policy?
> This sounds familiar -- CircleIn?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users