Research/Guide - SSO for GA 1

[MarkAckert]

The Zowe group needs to take stock of the current state of SSO and whether ESM will be available by GA 1 or not.

Formulate a plan for SSO GA 1. Work with architects.

[1000TurquoisePogs]

Update: last meeting on SSO covered that ESM & z/OSMF both should be able to handle shared authentication by a trust sphere where JWT is passed with requests to servers which can verify the authenticity back to the central issuer (ESM or z/OSMF in that case). In one scheme, the mediation layer can be the 'client' in a flow where z/osmf is used for authentication, and returns the token to be used. This seems preferred but dates of availability for zowe to be able to make use of JWT is pending.

[hogstrom]

ESM team has taken on the JWT implementation. Monitor the activity for this work in the project.