This week's call will use the Zoom system at GU, see ZoomGU for see ZoomGU for access info.

AGENDA

• SWITCH will attend (Etienne, Lukas and Res), to present the use cases behind the structured (jumbo) attribute. Key messages:
  • Today we have (only) 2 SPs (registration services) that would require this information. They are currently being built.
  • Both are needing this information for the provisioning towards a couple of further services (like e.g. Adobe Creative Cloud etc.)
  • These 2 registration service SPs are user-centric on their own authentication side, while they have to pick a role of the person on the provisioning side, for each of those further services.
  • We could do without a proper attribute filter step. The registration service SPs would just require everything.
  • Still, packing all of this onto the IdP might bee too much. We have therefore a plan B which looks like this:
    
    • Send all affiliation related information (UniqueID, Mail, ScopedAffiliation, ...) in separate flat multivalued attributes to the registration service SPs (and get the consent of the user)
    • Let the registration service SP call the SCIM API ( https://www.switch.ch/edu-id/organisations/tech/scim-api/ ) for each of those obtained ScopedAffiliation values, and get the proper set of attributes for that specific affiliation .
    • With this, the registration service SP can then build up an own user database, and use that one for further provisioning towards the services behind.
  • We don't expect a quick solution.

• Jira Legacy
  server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1181

  - carried forward
• PS

  Jira Legacy
  server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1476

  - Update on some SameSite cookie attribute testing.
• Splitting workload on SAML proxying

Attendees: