...

IsMemberOf and eduPersonEntitlement are both scoped to the VO using an at sign

Changes needed for eduTEAMS Identity Hub

• Publish IdP proxy metadata for a single proxy endpoint
• Check incoming attributes on Backend to see if we are getting enough info to be R&S compliant
• incorporate/use discovery service

GAPS identified for Membership Manamgement

• VOOT ansible scripts
• COmanage Ansible needs changing - Basic provisioning
• Ansible for export script - Ansibelize script deployment
• Ansible for MySQL database for Master ->  Slave replication
• Loadbancers Ansible
• Gui for connecting SP to CO
• Gui for onboading new VO/VOadmin
  • Out of band via email intially
  • We send out an invite to the invite form
  • Validate if the user is in GEANT by calling external service.
  • If false, present a good error message.
  • Fill in form, which needs custom fields
    • Define the fields
      • Include SPs
  • Email to validate the entry
  • We ok the entry
  • Use provisioning plugin to provision into specific DB or LDAP OR better via API directly into Comanage.
• For initila Piot use wiki page for "form" questions + email.