Identity in SSF #297
Description
Subject identity is a core part of SSF events - most events talk about something that happened to/with/by/etc. a subject.
But given the nature of Transmitters and Receivers as distinct peers, it's rare that the exact same subject identifier is known and used by both internally.
E.g. An end-user could have UserIdA assigned by the Transmitter, and UserIdB by the Receiver. When an event is sent by the Transmitter that relates to the end-user:
- either the Transmitter maps its identifier
UserIdA->UserIdB, and sendsUserIdBin the event - or it sends
UserIdA, and the Receiver does the mapping.
This identifier-mapping problem is currently out-of-band of the SSF specification. But without each Transmitter-Receiver pair solving this problem, the events received cannot be processed meaningfully.
This issue is for discussing ways to make this easier. Some possibilities (no preferences, just brainstorming):
- Standardize each subject's identifier, e.g. email for user.
- Standardize each subject's identity management protocol, e.g. SCIM for users and groups.
- Standardize a way to do identity management / identifier exchange in-protocol (within SSF).