There may be some similar concerns on our side. Lets talk more this week. Phil
> On Apr 5, 2016, at 19:25, Hardt, Dick <d...@amazon.com> wrote: > > I’m talking about removing manual steps in what happens today where > configuring a SaaS app at an IdP (such as Google, Azure, Ping, Octa) requires > is a bunch of cutting and pasting of access tokens / keys / certs and doing a > bunch of config that is error prone and unique for each relationship. > > Don’t want to solve on the thread … looking to see if there is interest! > > On 4/5/16, 7:11 PM, someone claiming to be "scim on behalf of Phil Hunt > (IDM)" <scim-boun...@ietf.org on behalf of phil.h...@oracle.com> wrote: > > Is the idp the center of all things for these users? > > Usually you have a provisioning system that coordinates state and uses things > like scim connectors to do this. > > Another approach from today would be to pass a scim event to the remote > provider which then decides what needs to be done to facilitate the thingd > you describe. > > Iow. Either the idp (sender) or the sp (receiver) have a provisioning system > to do this. > > The solution and the simplicity depends on where the control needs to be. > > Phil > > On Apr 5, 2016, at 18:59, Hardt, Dick <d...@amazon.com> wrote: > >> Use case: An admin for an organization would like to enable her users to >> access a SaaS application at her IdP. >> >> User experience: >> Admin authenticates to IdP in browser >> Admin selects SaaS app to federate with from list at IdP >> IdP optionally presents config options >> IdP redirects Admin to SaaS app >> Admin authenticates to SaaS app >> SaaS app optionally gathers config options >> SaaS app redirects admin to IdP >> IdP confirms successful federation => OIDC / SAML and SCIM are now >> configured and working between IdP and SaaS App >> Who else is interested in solving this? >> >> Is there interest in working on this in either SCIM or OAUTH Wgs? >> >> Any one in BA interested in meeting on this topic this week? >> >> — Dick >> _______________________________________________ >> scim mailing list >> s...@ietf.org >> https://www.ietf.org/mailman/listinfo/scim > _______________________________________________ > scim mailing list > s...@ietf.org > https://www.ietf.org/mailman/listinfo/scim
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
