Hi All,

I currently have a requirement where an SP can request specific claims from an IdP. Then, the IdP should issue those requested claims using a specific claim dialect. (The SP and IdP both request and issue claims based on the same external claim dialect.)
Let’s say I have an external claim dialect named “http://incommon.org/claims”. When an SP is configured in Identity Server, the SP should be able to select http://incommon.org/claims as its Service Provider Claim Dialect. Then, it should be able to select requested claims from that dialect.

In this case, I have tried the existing feature in the IS. But there are mainly two methods to configure the claim dialect for an SP, as below.

1. Use Local Claim Dialect

Here, the required external claim dialect can be configured for the SP, but there is no means to configure Requested Claims using the same dialect. It only lets you select requested claims from the local dialect. Therefore, the IdP cannot recognize what claims should be issued. Following is the available UI illustration for this.

2. Define Custom Claim Dialect

Here, any name can be configured as SP requested, and a matching Local Claim also needs to be selected from the local claim dialect. There is no use of existing dialects. But, if there is a dialect configured under “Service Provider Claim Dialect”, claims from the selected dialect are also issued by the IdP. Following is the available UI illustration for this.

From my point of view, there is no way to fulfill my requirement (mentioned in the beginning) with either of these two methods. My idea is that there should be a way to select the Service Provider Claim Dialect from existing claim dialects, and then Requested Claims can be selected from that dialect as the SP needs.

Also, I have another concern: although there is a “Service Provider Claim Dialect” option in the UI for both of the above two methods, is there any correlation between them and this option?

Can anyone please suggest some ideas on this?

Thank you
Best Regards!

--
*Sahan Gunathilaka*
Intern - Software Engineering
*WSO2*
mobile: +94776343266