Status
The survey closed on January 20, 2017. The working group is in the process of compiling the final report. The following is our preliminary findings.
Basics
- The OIDC Survey ran from December 22, 2016 through January 20, 2017
- We received a total 143 responses
- Survey was sent to the following mailing lists:
- InCommon Participants
- InCommon Announce
- REFEDS
- various University of California and Cal State technical lists
- ITANA
- EDUCAUSE
- CLAC
- BTAA/CIC
- Possibly other lists. We asked everyone to forward the survey invite.
Response By Region
Response by Job Role
Response Summary
- 65% of respondents must have or are very interested in using OIDC/OAuth in API development.
- 53% must have or are very interested in letting users sign in to OIDC/OAuth apps from multiple universities using their respective campus credentials.
- 87.7% believe OIDC/OAuth should be built into future Shibboleth or TIER offerings.
- 67% believe OIDC/OAuth offering should support current HE federation model.
- We asked respondents to identify OIDC/OAuth server products they use. There was not a clear winner. The largest answer was Google (13%).
- There were dozens of open ended OIDC/OAuth use case responses. We are still sorting through them.
Survey Response Trend - Spreadsheet showing the response evolution through 4 samplings during the survey period.
Observation So Far
- There is likely enough demand to charge next working group to address use cases and possibly implementation recommendation - possible CACTI item
- Potentially hold webinar to elicit/clarify additional use case details from call participants, particularly developers
- InCommon may wish to
- Develop higher ed deployment profile for OIDC/Oauth (e.g. Profile from healthcare: http://openid.net/wg/heart/)
- Map eduPerson to OIDC/OAuth friendly formats (JWT?)
- reach out to existing REFEDS group: https://wiki.refeds.org/display/GROUPS/Mapping+SAML+attributes+to+OIDC+Claims
- There are many efforts; we need coordination (CACTI?)