Hi, is there any way for the service provider to request a certain authentication policy as part of the authentication request to the identity provider? The provider in turn will look at that authentication policy request part, try to adhere to that policy, then in the response back to the service provider, let it know what kind of authentication policy actually happened. Now, the service provider will look at this and if the authentication used by the identity provider was strong enough, then it will let the user sign on.
For example, let's say that for gmail, a certain domain wants 2 factor authentication. The domain administrator will set that as part of the SSO configuration. Now Google automatically knows this and lets the identity provider know this in the authentication request. Then the identity provider will look at it, and do the 2 factor authentication. It will let Google know in the response that 2 factor authentication happened. Now Google can let the user sign on. The demo for SSO didn't have anything like this, so I was wondering if this is even possible right now. If something like this is mentioned anywhere else, please let me know. Thanks in advance. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
