Hi Dinali, *"IdP initiated SSO"* is something we already support between WSO2 IS and service providers registered in WSO2 IS.
The names I can suggest for this feature are: *1. "IdP initiated inbound federation"* *2. "Federated IdP initiated SSO"* And I have a question on why we decided to introduce a new inbound endpoint. >From SAML PoV, redirecting from the federated IdP to the /samlsso endpoint of IS with a IdP initiated SSO request and writing a request path authenticator to validate the SAML or JWT assertion will also work right? And in your diagram also as the last step you are anyway initiating another IdP initiated login request to the /samlsso endpoint if SAML is selected in the configuration. So what I understand is, the intension of introducing a new endpoint is to make this flow generic for any protocol right? That being said, OIDC doesn't anyway have an IdP initiated concept. I am struggling to understanding how this would work with OIDC a service provider. Would you care to explain? Regards, Johann. On Tue, Jul 17, 2018 at 10:18 PM Dinali Dabarera <[email protected]> wrote: > Hi Chinthana, > > On Tue, Jul 17, 2018 at 10:01 PM Chintana Wilamuna <[email protected]> > wrote: > >> Hi, >> >> I'm assuming if there was no tenantId then we default to super tenant? >> > > Yes we can do that. If the response we get does not contain any tenant > domain, we can consider it as carbon.super. > > > >> Also can we make the query param of the tenantId configurable? >> > > Do you mean like, provide a configuration to add the tenant domain, > similar to protocol configuration? > > >> Another change on UI - since we're only supporting SAML and OIDC shall we >> make this field a drop-down instead of a text field? >> > > It would be nice to see some radio buttons instead of drop dows as we > have only two options. WDYT ? > > > Thanks! > Dinali > > > -- > *Dinali Rosemin Dabarera* > Software Engineer > WSO2 Lanka (pvt) Ltd. > Web: http://wso2.com/ > Email : [email protected] > LinkedIn <https://lk.linkedin.com/in/dinalidabarera> > Mobile: +94770198933 > > > > > <https://lk.linkedin.com/in/dinalidabarera> > > > > > > > > > > > > > > -- *Johann Dilantha Nallathamby* Senior Lead Solutions Engineer WSO2, Inc. lean.enterprise.middleware Mobile: *+94 77 7776950* LinkedIn: *http://www.linkedin.com/in/johann-nallathamby <http://www.linkedin.com/in/johann-nallathamby>* Medium: *https://medium.com/@johann_nallathamby <https://medium.com/@johann_nallathamby>* Twitter: *@dj_nallaa*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
