Using metadata-driven overrides and relying party config

Cantor, Scott cantor.2 at
Thu Jan 14 21:47:50 UTC 2021

On 1/14/21, 4:43 PM, "users on behalf of Michael Grady" <users-bounces at on behalf of mgrady at> wrote:

>    Ah, yes. Once one adds it to the DefaultRelying party, one can think of it "turned on" for evreything.  Personally, I think
> it would be good to have such an on/off switch, and not be required at the level it is, but a good reminder that it is.

It would have been simple to globally wire it up as a default, but the problem is that opening up to metadata like this is a big, big deal if you don't take care and protect against external metadata tag injection, so that wasn't really an option.

-- Scott

More information about the users mailing list