Proposed features
To be prioritised for an MVP
- Translating between SAML and OIDC
- Local accounts and roles? Or a single admin user?
Primary entity management
- Generic config management
- Export/import of config items/entities
- Copy/delete (copy as poor man's versioning; should it also work on groups of items?)
- Editing of entities in the GUI
  - Raw config edit
  - GUI edit of common configuration items
- Apply config
- Git config save
- Generic post-processor for configs (could be used to implement config and Git push)
- Management of individual IdPs/Authorisation Servers/OPs and SPs/RPs/clients within the proxy (naming - "client" is more of an OAuth2 term and too overloaded)
- Config checks (could also be one of post-processors)
- Rollback from Git (Git config restore)
- Topology graph
- Management of multiple proxy instances
- Management of proxy (related) data for individual entities
- Entity lifecycle
  - Draft
  - Test
  - Production
- Support for parked entities/configs
Other
- GUI for internal admin of the proxy (for key internal settings apart from managed services' configs)
- Federation/eduGAIN support
- Additional support for federated identity management - what specifically?
- API to access/edit service configuration/history???
- Validation of encryption and signatures of entities and their messages
- Enforcement of authentication and authorization policies - defined locally or by IdPs?
- Integration with MFA by the proxy
- Reporting and analytics
  - Statistics
  - Issues
  - Events/logs
Managing metadata exchange
- Management of attribute filtering between IdPs and SPs?
- Management of mapping of attributes
- Attribute transformation rules?
- Setting of attribute values - for which entities?
Key concepts and their (alternative) names
...