Open timcappalli opened 9 hours ago
Based on the discussion thus far in WG calls, GH comments, and Slack, here is my proposal for a scope for v1, presented as a developer user story.
As a developer building a new B2B SaaS application, I need to: set up user and group provisioning and deprovisioning between a customer's workforce IdP and my application set up user authentication via federated relationship with a customer's workforce IdP ensure end users only have access to what they need in my application at any given point in time be able to convey to the customer's IdP that I require a certain authentication level know whether that authentication level was met at the IdP during a sign in be notified when tokens have been revoked be notified when sessions have been invalidated receive real-time signals about changes in account posture or integrity To make that happen, I need to know: which protocols I should use how to securely implement and deploy those protocols at scale how to implement those protocols in an interoperable manner
As a developer building a new B2B SaaS application, I need to:
To make that happen, I need to know:
Based on the discussion thus far in WG calls, GH comments, and Slack, here is my proposal for a scope for v1, presented as a developer user story.