Folks, we need to start thinking about the $subject... I guess we can do this for IS 5.2.0...
Right now authentication options are per service provider... The next step is to - let user pick authentication option per service provider.. and also do it per role basis... - Login to Salesforce with u/p - Salesforce Domain Admins login to Salesforce with u/p + FIDO - If user does not have a registered FIDO device - then login with phone based authentication.. likewise.. We should also find a way to connect to MDM through an API.. User should be able to pick - which device (registered) he wants to use against Salesforce - for MFA and which one to use against Google Apps.. -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture