| Proposer | Mihály Héder (HUN-REN) |
|---|---|
| Area | IDENTITY & ACCESS MANAGEMENT |
| Type of work | DEVELOPMENT |
| Output | PROTOTYPE |
| History | Implement OpenID Federation into SimpleSAMLphp and Shibboleth IdP |
The primary motivation of this topic is to create Verifiable Credential issuer tools for our community so that it can participate in the wallet ecosystem. The best place to start appears to be the IdP software as here we can leverage the sophisticated data handling retrieval and transformation both Shib and SSP, that is already deployed on top of university student information systems, research organization user databases, institutional LDAP or SQL deployments; exactly where the relevant data resides. It needs to be investigated whether UX is necessary, in which case the IdP Dashboard, which was developed for both Shib and SSP can be used. There is a stakeholder request for GO library as well.
The goal is to utilize the data that is naturally accumulating in IdPs. These are affiliations, grades and transcript of academic achievement, official person names based on government id, academic title (phd, habil, reader: often required to participate in PhD committee, etc.
All this could be released to wallets, empowering the user.
- investigate use cases and the appropriate flows for them
- investigate architectural options
- test with wallets, different kinds
- keep in mind handover requirements
- identify potential early adopters
Outcome:
- proof-of-concept code,
- documentation
- learning materials
The following parties will use the results of this activity:
| T&I Service | - |
|---|---|
| R&E Community | - |
| External Party | Shibboleth Consortium, SimplesSAMLphp? |
The following results were created and delivered: