On Thu, Feb 9, 2017 at 5:39 PM, Isura Karunaratne <[email protected]> wrote:
> Hi all, > > What is the best way to handle special claims such as last login > time and last password update time? These claims should > only be modified by the system. > This was the whole purpose of introducing "multiple attribute profiles" concept. We should be able to define for each external endpoint that we expose from IS, the attribute profile which will be supported. The attribute profile can even be extended per service provider level. The attribute profile will say which attributes are "read-only". > > > Ideally, we should not be able to update these claims using an APIs such > as SCIM. > SCIM will have its own default profile. > > Thanks > > *Isura Dilhara Karunaratne* > Senior Software Engineer | WSO2 > Email: [email protected] > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
