Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • Federated Identity: Authentication happens at a home institution's IdP. Attributes may or may not be retrieved. self_require_authn or admin_require_authn must be enabled.
  • IdP of Last Resort: The CO will manage the user's credentials. self_require_authn or admin_require_authn may both be disabled. The early provisioning step is intended to support this model – allowing the creation of credentials before the user authentication step.
  • Account Linking: An individual known to the platform has more than one IdP, and would like the identities asserted from each IdP linked to the same profile.

Gliffy Diagram
displayNameRegistry CMP Enrollment
nameRegistry CMP Enrollment