<div dir="ltr">I just spoke with an organization that wants to become a Provider so that other RP web sites can specifically tell if the logging in user is a member of this organization by whether their OpenID Identifier was asserted by that org's OP. <div>
<br></div><div>Ideally, I'd like this org to choose to be an RP instead of an OP because there are already too many OPs out there and not enough RPs, IMO. </div><div><br></div><div>How can an RP accept an OpenID Identifier from arbitrary OPs, but at each login determine whether the Identifier represents a user who belongs to a particular Organization? Basically the Organization needs to send an assertion about the Identifier's membership, but only be willing to do so if that identifier is confirmed as having logged in successfully to that RP. This would be easy to do if that Org was an OP, but I'm trying to reduce the # of reasons to be an OP.</div>
</div>