Hey all,

I'd like to propose a spec proposal freeze exception for IDP Specific
WebSSO [0].

This topic has been discussed, in length, on the mailing list [1], where
this spec has been referenced as a possible solution [2]. This would allow
for multiple Identity Providers to use the same protocol. As described on
the mailing list, this proposal would help with the public cloud cases for
federated authentication workflows, where Identity Providers can't be
directly exposed to users.

The flow would look similar to what we already do for federated
authentication [3], but it includes adding a call in step 3. Most of the
code for step 3 already exists in Keystone, it would more or less be adding
it to the path.


[0] https://review.openstack.org/#/c/199339/2
[3] http://goo.gl/lLbvE1
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe

Reply via email to