I'm interested in too. nov
> On Apr 7, 2016, at 07:14, Mike Jones <michael.jo...@microsoft.com> wrote: > > For the record, I’m interested. > > From: scim [mailto:scim-boun...@ietf.org] On Behalf Of Hardt, Dick > Sent: Tuesday, April 5, 2016 7:26 PM > To: Phil Hunt (IDM) <phil.h...@oracle.com> > Cc: s...@ietf.org; oauth@ietf.org > Subject: Re: [scim] Simple Federation Deployment > > I’m talking about removing manual steps in what happens today where > configuring a SaaS app at an IdP (such as Google, Azure, Ping, Octa) requires > is a bunch of cutting and pasting of access tokens / keys / certs and doing a > bunch of config that is error prone and unique for each relationship. > > Don’t want to solve on the thread … looking to see if there is interest! > > On 4/5/16, 7:11 PM, someone claiming to be "scim on behalf of Phil Hunt > (IDM)" <scim-boun...@ietf.org on behalf of phil.h...@oracle.com> wrote: > > Is the idp the center of all things for these users? > > Usually you have a provisioning system that coordinates state and uses things > like scim connectors to do this. > > Another approach from today would be to pass a scim event to the remote > provider which then decides what needs to be done to facilitate the thingd > you describe. > > Iow. Either the idp (sender) or the sp (receiver) have a provisioning system > to do this. > > The solution and the simplicity depends on where the control needs to be. > > Phil > > On Apr 5, 2016, at 18:59, Hardt, Dick <d...@amazon.com> wrote: > > Use case: An admin for an organization would like to enable her users to > access a SaaS application at her IdP. > > User experience: > Admin authenticates to IdP in browser > Admin selects SaaS app to federate with from list at IdP > IdP optionally presents config options > IdP redirects Admin to SaaS app > Admin authenticates to SaaS app > SaaS app optionally gathers config options > SaaS app redirects admin to IdP > IdP confirms successful federation => OIDC / SAML and SCIM are now configured > and working between IdP and SaaS App > Who else is interested in solving this? > > Is there interest in working on this in either SCIM or OAUTH Wgs? > > Any one in BA interested in meeting on this topic this week? > > ― Dick > _______________________________________________ > scim mailing list > s...@ietf.org > https://www.ietf.org/mailman/listinfo/scim > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
