Elon University uses a Single Sign-On solution named Shibboleth to manage the identities of Elon affiliates. The protocol that Elon's IdP service speaks is SAML 2.0, which we will have to integrate with to leverage Elon's service for access control and, in the future, scoping based on user.
We need to write up a design and implementation document to help stakeholders understand how we intend to integrate the IdP into our API center. To begin, we must thoroughly understand what Shibboleth, SSO, and SAML 2.0 are, while also providing the flow between Elon and the API center. How do we handle scoping by user type? How do we ensure that resources deemed only for Elon affiliates remain accessible only to them, and how can we leverage Elon's IdP service in doing so?