-
Notifications
You must be signed in to change notification settings - Fork 12
Closed
Description
Based on the discussion thus far in WG calls, GH comments, and Slack, here is my proposal for a scope for v1, presented as a developer user story.
As a developer building a new B2B SaaS application, I need to:
- set up user and group provisioning and deprovisioning between a customer's workforce IdP and my application
- set up user authentication via federated relationship with a customer's workforce IdP
- ensure end users only have access to what they need in my application at any given point in time
- be able to convey to the customer's IdP that I require a certain authentication level
- know whether that authentication level was met at the IdP during a sign in
- be notified when tokens have been revoked
- be notified when sessions have been invalidated
- receive real-time signals about changes in account posture or integrity
To make that happen, I need to know:
- which protocols I should use
- how to securely implement and deploy those protocols at scale
- how to implement those protocols in an interoperable manner
dhs-BI, aaronpk, mike-kiser-sp and jischr
Metadata
Metadata
Assignees
Labels
No labels