On Sat, Jan 18, 2020 at 6:18 PM Johann Nallathamby <joh...@wso2.com> wrote:
> Hi Malithi, Hi Ajanthan, > > OK. So if we think like that, how do you propose we do 2FA for security > question update? Are you implying that we initiate a SSO flow with higher > requested assurance level, so that in IS a step-up authentication is > performed and returned back to the service provider, to update his/her > security questions? > Yes. And we can do this with conditional auth scripts. > > If this is possible with IS then +1 for that. But also I would like to > have in the roadmap to do this purely through Rest APIs without ever > leaving the service provider. > I think it's subjective. Maybe if it's some email or mobile based confirmation it would be fine. But, for advanced options service provider will have to manage user interactions if so. What would be the tendency to implement such in SP level. > Regards, > Johann. > > On Thu, Jan 16, 2020 at 7:28 AM Malithi Edirisinghe <malit...@wso2.com> > wrote: > >> Hi Johann, >> >> On Wed, Jan 8, 2020 at 4:49 AM Ajanthan Balachandran <ajant...@wso2.com> >> wrote: >> >>> Hi Johann, >>> >>> I think here we are talking about two different things. Feel free to >>> correct me if I am wrong. >>> >>> In the first case, we are trying to assert the value of the claims >>> provided by the user. In the case of phone number and email claims sending >>> verification code does make sense but to assert the first name or last name >>> sending verification code to email or phone doesn't give enough >>> assurance(usually photo ID proof is needed to verify names). >>> >>> What you are talking about is getting enough assurance level for the >>> authenticated user by prompting 2FA to be able to update security >>> questions. This should be handled by auth system not the claim verification >>> system. >>> >> >> I'm under the same understanding with Ajanthan. >> It should be a 2FA flow. >> >> >>> >>> Thanks, >>> Ajanthan. >>> >>> >> Thanks, >> Malithi >> -- >> *Malithi Edirisinghe* | Technical Lead | WSO2 Inc. >> (m) +94 718176807 | (w) +94 11 214 5345 | (e) malit...@wso2.com >> GET INTEGRATION AGILE >> Integration Agility for Digitally Driven Business >> > > > -- > *Johann Dilantha Nallathamby* | Associate Director/Solutions Architect | > WSO2 Inc. > (m) +94 (77) 7776950 | (w) +94 (11) 2145345 | (e) joh...@wso2.com > [image: Signature.jpg] > -- *Malithi Edirisinghe* | Technical Lead | WSO2 Inc. (m) +94 718176807 | (w) +94 11 214 5345 | (e) malit...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
