Scribing Template --Tues., Nov 12, 2013 at 9:45am -- Santa Barbara

TOPIC: User Managed Access Built into SAML2 IDP

CONVENER: Roland Hedberg

SCRIBE: Michael Schwartz

# of ATTENDEES: 25

MAIN ISSUES DISCUSSED: 

Roland laid out a use case where attribute release policies are a 
hassle for the institution's IT management to manage. He mentioned work in 
U-Approve. He saw UMA as a way to standardize the approach, and decided 
to try to implement it. In his IDP implementation, he ran into some 
problems, and this session.
Scott Cantor asked how the IDP would manage attributes which make no 
sense to the person.
Mike Schwartz clarified that UMA does not specify who makes the 
decision, or how the policy is expressed.
Roland gave an overview of his implementation, in which the IDP (or 
OpenID Provider, OP) is an UMA, and the permissions for attribute release 
are stored in the AS.

ACTIVITIES GOING FORWARD / NEXT STEPS:
