You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
it's a coarse way to limit the set of valid users for that app to just the subset of those from that particular IdP, using just configuration and no code in the app, and
it's a way less confusing user experience for people using an app that's specific to just one IdP
The broker should probably take a parameter like "allowed_providers" at creation time. If the user supplies one not in the list of IdP origins configured in UAA, a failure message can indicate the set of valid origins (and that list could be filtered if need be to keep people from making apps that use a particular origin that's reserved in some way).
The text was updated successfully, but these errors were encountered:
It's possible to restrict the set of IdPs that a UAA client will be authenticated against using
allowed providers
in UAA.https://docs.cloudfoundry.org/uaa/uaa-concepts.html#additional-info
This is cool because
The broker should probably take a parameter like "allowed_providers" at creation time. If the user supplies one not in the list of IdP
origins
configured in UAA, a failure message can indicate the set of validorigins
(and that list could be filtered if need be to keep people from making apps that use a particular origin that's reserved in some way).The text was updated successfully, but these errors were encountered: