Outside the scope of what this WG should be tackling in the core spec IMO, but I'd be interested in working on a profile. There is a lot of this use-case being done in an ad-hoc manner on my platform.
-cmort On 3/23/10 11:17 AM, "Paul Madsen" <paul.mad...@gmail.com> wrote: Separate from the Client trading a SAML assertion for an Access Token as in this flow, we are interested in defining how a Client might use SAML SSO messages to get an Access Token (comparable to OpenID/OAuth hybrid). Anybody else interested? paul On 3/23/2010 1:47 PM, David Recordon wrote: > Hey Chuck, > Thanks for rewriting the SAML flow into the style of my draft! I > really appreciate it. > > I originally dropped the SAML flow because I hadn't seen support for > it on the mailing list(s) the past two months. I think that our > default should be making the spec as short and simple as possible so > removed a few things from WRAP in order to start conversations like > this one. It's now clear that Google, Microsoft, Salesforce, and IBM > all need the SAML profile. Chuck, I'll merge your wording in. Want > to be listed as an author? > > We're also going to need to figure out which flows should be in the > core spec versus which should be developed at the same time but in > individual documents. > > Thanks, > --David > > On Tue, Mar 23, 2010 at 4:50 AM, Torsten Lodderstedt > <tors...@lodderstedt.net> wrote: > >> +1 for assertion support >> >> what about enhancing the flow #2.4 to accept any kind of user credentials >> (username/password, SAML assertions, other authz servers tokens) >> >> regards, >> Torsten. >> >> Am 23.03.2010 um 12:42 schrieb Mark Mcgloin<mark.mcgl...@ie.ibm.com>: >> >> >>> +1 for assertion profile. Was there any reason why it was dropped? >>> >>> On 3/23/10, Chuck Mortimore wrote: >>> >>>> Just getting a chance to review this - I apologize for not getting this >>>> >>> before the meeting started. >>> >>> >>>> We'd like to see some form of an Assertion Profile, similar to section >>>> 5.2 >>>> >>> from draft-hardt-oauth-01. We have strong customer use-cases for an >>> assertion based flow, specifically SAML bearer tokens, and I>believe >>> Microsoft may have already shipped a minor variation on this ( wrap_SAML ) >>> in Azure. >>> >>> >>> Mark McGloin >>> _______________________________________________ >>> OAuth mailing list >>> OAuth@ietf.org >>> https://www.ietf.org/mailman/listinfo/oauth >>> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
