On Tue, Nov 22, 2016 at 10:25 AM, Johann Nallathamby <[email protected]> wrote:
> Claim Dialect Inheritance means claims in one dialect will be inherited by > another dialect. This brings in a parent child relationship between > dialects. The child dialect of course can have more claims than the parent. > And also the child dialect can override certain metadata inherited from the > parent. > > Following are requirements that I have come across. > > 1. SCIM 2.0 > > SCIM 2.0 defines several schemas out of which two schemas may have this > relationship. > a. User - urn:ietf:params:scim:schemas:core:2.0:User > b. Enterprise User - urn:ietf:params:scim:schemas:extension:enterprise: > 2.0:User > > SCIM defines a limited set of attributes for User schema. If someone wants > to use an extended set of attributes for their users, they need to either > use Enterprise User schema or define their own extended User schema. In > such cases, even if there is only one additional attribute they need, > they will need to define all the attributes in User schema and the > additional one. In such cases it will be ideal to have a inheritance > relationship from User schema to new schema and define only the additional > attribute. > > 2. Many well knows service providers and Identity providers use an > extended set of OpenID Connect claims. > > OpenID Connect defines a fixed set of claims and users are allowed to > freely extend this set. E.g. LinkedIn, Amazon, etc. use their own custom > claims. Ideal way to represent these well known service provider or > identity provider specific claims is to define specific claim dialects for > them and add the claims. In here again, if we need to define the common > claims and the custom claims its going to be difficult for the user. > Therefore here also it will be ideal to have a inheritance relationship and > define only the custom claims in the child dialect. > +1, This functionality is required for the authenticators [1] since the authenticators use own custom claim. [1] - https://store.wso2.com/store/assets/isconnector/list?q=%22tags%22%3A%22SocialLogin%22 > > Can we consider this an important requirement for IS 6.0.0? > > Regards, > Johann. > -- > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Governance Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Kathees Software Engineer, email: [email protected] mobile: +94772596173
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
