Child pages
  • Rationale for Required and Desired Features in the IdP of Last Resort Working Group Report

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


a. This is a requirement for InCommon Bronze Identity Assurance profile, as well as the related Silver Profile and multi-factor authentication, if supported.

To support a higher level of assurance of identity for higher risk or higher value services, an SP needs a way to signal to the IdP that it needs a particular level of authentication. The Security Assertion Markup Language (SAML) protocol defines a way to signal the need for a specific authentication context. Requirement R4 obliges the IdP of Last Resort to support this part of the SAML protocol. When the US Government begins requiring Assurance profile support for credentials, the Identity Provider will be able to provide them.