Draft requirements for a Social2SAML gateway service

...

  1. The gateway can operate in either of two modes -- we need to specify which mode is needed first:
    1. a gateway (local or in the cloud) serving an entire campus (campus-level admins configure SPs to use the gateway, and there is some model for delegated administration)
    2. a gateway serving a single SP (SP admins at your campus configure their apps to use the gateway directly)
  2. The gateway would include a Gateway Manager function that would allow the admin to specify, on a per-SP basis:
    1. which social providers can be used on a per-SP basis (i.e., the gateway would export endpoints which the SP could use to connect through to those social providers)
    2. which algorithm is used to compute eduPersonTargetedID (ePTID) and eduPersonPrincipalName (ePPN) attributes (see https://spaces.at.internet2.edu/display/socialid/Google+OpenID+Gateway+Attributes, next section)
    3. for the enterprise model, manage individual SPs

...