Hello All - I am considering adding a new federation provider that would enable the use of MetaMask for authenticating against blockchain to be used with KnoxSSO.
A relatively recent standard in the blockchain world is called Sign in with Ethereum (SIWE) [1][2]. There is no java implementation of the specification yet but there is a typescript one for client side use. We would need to implement the server side requirements. This would allow for a couple things: 1. Distributed Identity based access to Knox protected resources - users own their own identity information. NFTs may be able to be translated into groups and a set of permissions that are enforced by Ranger Policies or Knox ACLs. 2. A means to bridge the enterprise IDP world and the distributed identity for when authentication credentials and individual identity management will provide users their own information but the enterprise will be able to extend this information to detail and enforce organization specific details, permissions and security compliance. Any interest in this as a new provider in the Apache Knox community? If so, I will write up an initial draft of a KIP for it. thanks, --larry 1. https://eips.ethereum.org/EIPS/eip-4361 2. https://github.com/spruceid/siwe
