Hi Harsha,

What you mention about the current behaviour is true. If we are to do this,
it would be better if we can make the client id unique within the tenant, rather
than making the SAML issuer unique across the tenant. And auto-generating the SAML
issuer won't break anything, but still it does not add any business value
IMO.

At a high level, what I'm trying to understand is what the use case would be that
we are trying to solve, and the business value of solving that. Do you have
anything in mind, apart from consistency at the code level?

Thanks,

On Thu, Jun 21, 2018 at 8:32 AM Harsha Thirimanna <[email protected]> wrote:

> Hi All,
>
> There is always a unique identifier for the Service Provider, and WSO2
> Identity Server also uses that identifier to uniquely identify the Service
> Provider configuration within the Identity Server itself.
>
> This unique identifier is represented by a different name in different protocols.
>
> SAML > Issuer
> OAuth2 > Consumer Key
>
> In WSO2 Identity Server, both of the above unique keys in SAML and OAuth2 have
> different behaviors.
>
> SAML issuer unique only within the tenant
> OAuth2 consumer key unique across the tenant
>
> SAML issuer must be provided by the client
> OAuth2 consumer key is optional to provide by the client
>
> Shouldn't we make this consistent, independently of the protocol?
>
> If we can allow the SAML issuer to be auto-generated if the client doesn't
> provide it, and make that issuer unique across the tenant, then the behavior
> is consistent.
>
> WDYT ?
>
> *Harsha Thirimanna*
> *Associate Tech Lead | WSO2*


-- 
Regards,


*Darshana Gunawardana*
Technical Lead
WSO2 Inc.; http://wso2.com
