[Openid-specs-fastfed] FastFed Requirements

Mike Schwartz mike at gluu.org
Thu Jun 1 03:19:17 UTC 2017


 From reading the spec, here is the list of requirements I gleaned:

1.   Machine readable format to expedite provisioning.
2.   Express whether SP requires user pre-provisioning
3.   User Schema: specify attribute identification
4.   User Schema: specify if required by RP
5.   User Schema: specify attribute format requirements
6.   User Schema: specify mapping / equivalency
7.   User Schema: Subject identification / naming requirements
8.   Expiration / Rotation of entity certificates used for trust
9.   Expiration / Rotation of RP credentials
10.  Client / SP registration requirements
11.  User Schema: support for custom requirements
12.  Specify required features of federation protocols (ignore esoteric 
SAML)
13.  Specify which protocols are supported
14.  How to obtain a software statement (token) for OpenID Connect 
Registration
15.  Publish location of federation configuration files (dynamic or 
static)
16.  Enable configuration of access rules for an RP

Did I miss anything?

- Mike



More information about the Openid-specs-fastfed mailing list