notes/token_exchange_in_iroh_auth.org
This commit is contained in:
parent
954c5a82b4
commit
3c6e2a7458
1 changed files with 7 additions and 1 deletions
|
@ -90,8 +90,14 @@ meaning for each word restricted to this document:
|
|||
*** Using SXSO tokens vs SXSO User Identity
|
||||
|
||||
SXSO support both OpenID Connect and SAML v2.0.
|
||||
If we were to support direct
|
||||
If we were to support direct tokens from SXSO, it would still mean the product
|
||||
need to provide its own client credentials.
|
||||
Also it would need IROH-Auth to integrate a complex system to verify and trust
|
||||
these external tokens.
|
||||
|
||||
Instead this proposal only need to use IROH-Auth signed tokens.
|
||||
The only work to be done by the product would be to extract the SXSO ~User Identity Id~
|
||||
from either the ~id_token~ or the ~SAMLResponse~.
|
||||
*** Exchange an SXSO User Identity for a SecureX user tokens
|
||||
|
||||
We would like that a team, which is integrated with SXSO can retrieve tokens from IROH-Auth.
|
||||
|
|
Loading…
Reference in a new issue