Child pages
  • Draft requirements for a Social2SAML gateway service

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. Support for Google OpenID has been demonstrate
  2. Prioritize other Social Identity Providers that are required:
    1. Facebook
    2. Yahoo
    3.  ?


  1. The GW is just a translator; it maps the values in the assertion received from a social identity provider to values in a SAML assertion sent to the service provider. The GW does NOT add any attributes to the SAML assertion that are sourced from any other sources.
  2. The GW will be stateless; it will not include anything resembling a Person Registry; it will not remember anything about a browser user who traverses the GW.
  3. The browser user should only have to traverse a single Discovery Service; the user should not be forced to traverse multiple DSs (e.g., the user shouldn't have to select "social gateway" from the local DS, and then select a specific social IDP when they reach the GW).
  4. The GW will not initially include an invitation service. However, campus-based invitation services should be able to easily use the gateway.
  5. It will be transparent to the SP whether gateway or native social protocol support is used.