Uploaded image for project: 'UX Product'
  1. UX Product
  2. UXPROD-556

Federation-based SSO authentication - basic support

    XMLWordPrintable

    Details

    • Template:
      UXPROD features
    • Front End Estimate:
      Medium < 5 days
    • Back End Estimate:
      XL < 15 days
    • Development Team:
      None
    • Calculated Total Rank:
      82
    • Kiwi Planning Points (DO NOT CHANGE):
      4
    • PO Rank:
      0
    • Rank: Chalmers (Impl Aut 2019):
      R5
    • Rank: Chicago (MVP Sum 2020):
      R1
    • Rank: Cornell (Full Sum 2021):
      R5
    • Rank: Duke (Full Sum 2021):
      R1
    • Rank: 5Colleges (Full Jul 2021):
      R1
    • Rank: FLO (MVP Sum 2020):
      R5
    • Rank: GBV (MVP Sum 2020):
      R2
    • Rank: hbz (TBD):
      R2
    • Rank: Hungary (MVP End 2020):
      R1
    • Rank: Lehigh (MVP Summer 2020):
      R1
    • Rank: Leipzig (Full TBD):
      R1
    • Rank: Leipzig (ERM Aut 2019):
      R5
    • Rank: MO State (MVP June 2020):
      R4
    • Rank: TAMU (MVP Jan 2021):
      R1
    • Rank: U of AL (MVP Oct 2020):
      R4

      Description

      Current situation or problem:
      Currently FOLIO requires the manual coordination of one-to-one trust relationships every time we have a new FOLIO SP or take down an old one, or whenever the SP or IdP updates metadata. Instead, provide basic support for the major Higher Ed SAML federations such as InCommon and/or eduGAIN so we can stop the manual coordination of one-to-one trust relationships.

      In scope:

      • Configure FOLIO SP with the URI for federation metadata and the entityId of the campus IdP and use that to retrieve and configure the IdP metadata.
      • Periodically check the federation metadata for updates and automatically bring in updates to the IdP metadata. The checking interval should be configurable as policies may differ between federations.

      Out of scope:

      • Authentication of users from IdPs in the federation other than the IdP specifically indicated.
      • Support for authentication against multiple IdPs.

      Use case(s):
      Proposed solution/stories (optional):

      Links to additional information:

      Questions/Comments:

        TestRail: Results

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                tod Tod Olson
                Reporter:
                cboerema Cate Boerema
                Front End Estimator:
                Jakub Skoczen Jakub Skoczen
                Back End Estimator:
                Jakub Skoczen Jakub Skoczen
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                  Dates

                  Created:
                  Updated:

                    TestRail: Runs

                      TestRail: Cases