AllowCreate set to false may be useful if the SP wishes to disable credential registration flows in the user interface at the IdP.
I'm wondering if any GC Relying Parties actually use this. The new Kantara Profile says that if AllowCreate
is present then it must be set to true. I'm inclined to align CATS 3 with this unless someone has a busness requirement to still allow it to be false.
CATS 2.0 states that:
I'm wondering if any GC Relying Parties actually use this. The new Kantara Profile says that if
AllowCreateis present then it must be set totrue. I'm inclined to align CATS 3 with this unless someone has a busness requirement to still allow it to befalse.