[Openid-specs-risc] openid/sharedsignals: New Issue opened
github at oidf.org
github at oidf.org
Tue Oct 7 16:46:29 UTC 2025
openid/sharedsignals event
Issue opened
Issue Title: Identity in SSF
https://github.com/openid/sharedsignals/issues/297
_Subject identity_ is a core part of SSF events - most events talk about something that happened to/with/by/etc. a subject. But given the nature of Transmitters and Receivers as distinct peers, it's rare that the exact same subject _identifier_ is known and used by both internally. E.g. An end-user could have `UserIdA` assigned by the Transmitter, and `UserIdB` by the Receiver. When an event is sent by the Transmitter that relates to the end-user: - either the Transmitter maps its identifier `UserIdA` -> `UserIdB`, and sends `UserIdB` in the event - or it sends `UserIdA`, and the Receiver does the mapping. This identifier-mapping problem is currently out-of-band of the SSF specification. But without each Transmitter-Receiver pair solving this problem, the events received cannot be processed meaningfully. This issue is for discussing ways to make this easier. Some possibilities (no preferences, just brainstorming): - Standardize each subject's identifier, e.g. email for user. - Standardize each subject's identity management protocol, e.g. SCIM for users and groups. - Standardize a way to do identity management / identifier exchange in-protocol (within SSF).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20251007/0a07e7d5/attachment.htm>
More information about the Openid-specs-risc
mailing list