...
We describe here the set up of the Social Identities pilot
Social Identities need to be linked to eduGAIN federated ones; Subsequently, they need to be enriched with Attributes entitling users to be authorized to SAML Service Providers.
Possible functional components:
1) OAuth2/OIDC Identity Provider providing Claims ( Is TEIP from GN4 an option at this stage)
2) Identity Linking: OIDC ID to SAML ID
3) Mapping OIDC/OAuth Claims to SALM Attributes to get Authorization attributes
4) Attribute Authorities to enrich Attribute Set ( COMANAGE, Grouper, HEXXA, PERUN ..[] )
5) eduGAIN SP to check AuthN/AuthZ against