
  • Initial setup after installation

Context: The proxy instance may participate in at least one, potentially multiple, federations (federation being a generic term here, meaning either a SAML federation, a set of OIDC parties, or an intra-organization set of entities (an internal federation)). This is what makes it a proxy. Therefore it will have an identity as a service provider (SAML SP or OIDC RP), as an identity provider (SAML IdP or OIDC OP), or both. This or these will be the deployment's role(s).

  1. After the deployment, the "My Metadata" screen is empty.
  2. With an "Add Role" button (we might rename it if there is a better suggestion) the user selects one of the following: SAML IdP, OIDC OP, SAML SP, OIDC RP.
  3. Regardless of what is selected, the user can set up a Display Name and a Logo for that given role.
  4. If SAML IdP is selected, there is a checklist of supported entity categories:
    1. Research & Scholarship
    2. Anonymous Access (v2)
    3. Pseudonymous Access (v2)
    4. Personalized Access (v2)
  5. If SAML SP is selected:
    1. Research and Scholarship
    2. Code of Conduct
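As an added illustration (not code from this project), the following Python shows how the fields collected on the "My Metadata" screen for a SAML role would end up in the proxy's own EntityDescriptor: the display name and logo go into an `mdui:UIInfo` block inside the role descriptor, and the checked entity categories become an `mdattr:EntityAttributes` extension. The category URIs are the published REFEDS ones; the mapping of "Code of Conduct" to the v2 URI, the function names and the sample entityID are assumptions made for the example. Note that an IdP *supports* categories (`entity-category-support`) while an SP *claims* them (`entity-category`), so the two checklists produce different attribute names.

```python
"""Build the proxy's own ("My Metadata") SAML EntityDescriptor from the
setup-screen fields: role, display name, logo and REFEDS entity categories.
Added example; function names and sample values are assumptions."""
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
    "mdui": "urn:oasis:names:tc:SAML:metadata:ui",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)


def q(prefix, tag):
    """Clark-notation qualified tag name for ElementTree."""
    return f"{{{NS[prefix]}}}{tag}"


# Published REFEDS entity category URIs. Assumption: the "Code of Conduct"
# checklist item refers to the v2 category.
IDP_CATEGORIES = {
    "Research & Scholarship": "http://refeds.org/category/research-and-scholarship",
    "Anonymous Access (v2)": "https://refeds.org/category/anonymous",
    "Pseudonymous Access (v2)": "https://refeds.org/category/pseudonymous",
    "Personalized Access (v2)": "https://refeds.org/category/personalized",
}
SP_CATEGORIES = {
    "Research and Scholarship": "http://refeds.org/category/research-and-scholarship",
    "Code of Conduct": "https://refeds.org/category/code-of-conduct/v2",
}

# Per role: the SAML role descriptor, the attribute name used for categories
# (an IdP supports them, an SP claims them) and the checklist it may pick from.
CATEGORY_ATTR = {
    "SAML IdP": ("IDPSSODescriptor", "http://macedir.org/entity-category-support", IDP_CATEGORIES),
    "SAML SP": ("SPSSODescriptor", "http://macedir.org/entity-category", SP_CATEGORIES),
}


def build_my_metadata(entity_id, role, display_name, logo_url, categories):
    """Return EntityDescriptor XML (bytes) for one SAML role of the proxy.

    Raises ValueError if a category is not on that role's checklist, so an SP
    role cannot accidentally advertise IdP-only categories."""
    descriptor, attr_name, allowed = CATEGORY_ATTR[role]
    unknown = set(categories) - set(allowed)
    if unknown:
        raise ValueError(f"categories not on the {role} checklist: {sorted(unknown)}")

    ed = ET.Element(q("md", "EntityDescriptor"), entityID=entity_id)
    # md:Extensions must precede the role descriptor inside EntityDescriptor.
    if categories:
        ext = ET.SubElement(ed, q("md", "Extensions"))
        ea = ET.SubElement(ext, q("mdattr", "EntityAttributes"))
        attr = ET.SubElement(
            ea, q("saml", "Attribute"), Name=attr_name,
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")
        for label in categories:
            ET.SubElement(attr, q("saml", "AttributeValue")).text = allowed[label]

    role_el = ET.SubElement(
        ed, q("md", descriptor),
        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol")
    uiinfo = ET.SubElement(ET.SubElement(role_el, q("md", "Extensions")), q("mdui", "UIInfo"))
    dn = ET.SubElement(uiinfo, q("mdui", "DisplayName"))
    dn.set("{http://www.w3.org/XML/1998/namespace}lang", "en")
    dn.text = display_name
    if logo_url:
        logo = ET.SubElement(uiinfo, q("mdui", "Logo"), height="60", width="80")
        logo.text = logo_url
    return ET.tostring(ed, encoding="utf-8")


def supported_categories(metadata_xml):
    """Read the category URIs back out of generated metadata (a self-check)."""
    root = ET.fromstring(metadata_xml)
    return [v.text for v in root.iterfind(f".//{q('saml', 'AttributeValue')}")]


if __name__ == "__main__":
    # Sample values are constructed for the example.
    xml = build_my_metadata(
        "https://proxy.example.org/idp", "SAML IdP", "Example Proxy",
        "https://proxy.example.org/logo.png",
        ["Research & Scholarship", "Anonymous Access (v2)"])
    print(xml.decode())
```

Because the role descriptor and the attribute name are derived from the selected role rather than typed in, a deployer cannot produce metadata that announces category *support* from an SP or category *membership* from an IdP; federation registrars routinely reject such metadata.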
  • Adding remote entity metadata

Context: the user adds metadata of the entities this deployment should know and trust.

  1. On the metadata management screen the user presses "add remote entity metadata".
  2. The options are conditional on the roles:
    1. If the instance has the SAML IdP role, there is an option to add SAML SP metadata XML (or a URL to download it from).
    2. If the instance has the OIDC OP role, there is an option to add a redirect URI, name and description (the instance provisions the client ID and client secret).
    3. If the instance has the SAML SP role, there is an option to add SAML IdP metadata.
    4. If the instance has the OIDC RP role, there is an option to add an OP.

Deactivate/activate remote entity

  1. On the metadata screen, the entities already added to the instance should be able to be deactivated and reactivated (e.g. via a button or check box). TBD
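The role-conditional "add remote entity metadata" flow and the activate/deactivate switch above are modelled in the following Python, added here as an example and not taken from the project. It assumes a simple in-memory registry (class and method names are invented for the illustration) and adds the checks a deployer would want before trusting a new peer: imported SAML metadata must actually carry the role descriptor that complements one of the instance's own roles (an IdP-role deployment only accepts an `SPSSODescriptor`), OIDC redirect URIs must be absolute, fragment-free and `https` (loopback `http` excepted), the provisioned client secret is stored only as a hash, and a deactivated entity fails authentication without its record being deleted. The SP metadata document at the bottom is a constructed sample.

```python
"""Role-conditional registration of remote entities, with trust checks and
an active/inactive flag. Added example; names and sample data are constructed."""
import hashlib
import secrets
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from urllib.parse import urlsplit

MD = "urn:oasis:names:tc:SAML:2.0:metadata"

# Local role -> (remote entity type it may add, SAML role descriptor the
# remote metadata must contain; None for OIDC).
ALLOWED = {
    "SAML IdP": ("SAML SP", "SPSSODescriptor"),
    "SAML SP": ("SAML IdP", "IDPSSODescriptor"),
    "OIDC OP": ("OIDC RP", None),
    "OIDC RP": ("OIDC OP", None),
}


@dataclass
class RemoteEntity:
    kind: str
    identifier: str            # SAML entityID, OIDC client_id or OP issuer
    active: bool = True
    details: dict = field(default_factory=dict)


@dataclass
class Registry:
    roles: set
    entities: dict = field(default_factory=dict)

    def options(self):
        """Remote entity types the 'add' button offers, derived from the roles."""
        return sorted(ALLOWED[r][0] for r in self.roles)

    def add_saml(self, metadata_xml):
        """Add a SAML peer from its metadata; only a complementary role is accepted."""
        # In production parse untrusted metadata with defusedxml (entity expansion).
        root = ET.fromstring(metadata_xml)
        if root.tag != f"{{{MD}}}EntityDescriptor" or not root.get("entityID"):
            raise ValueError("not a SAML EntityDescriptor")
        for role in self.roles:
            kind, descriptor = ALLOWED[role]
            if descriptor and root.find(f"{{{MD}}}{descriptor}") is not None:
                ent = RemoteEntity(kind, root.get("entityID"))
                self.entities[ent.identifier] = ent
                return ent
        raise ValueError("metadata carries no role descriptor this deployment can peer with")

    def add_oidc_client(self, redirect_uris, name, description=""):
        """OP role: register an RP; the instance provisions client_id and client_secret."""
        if "OIDC OP" not in self.roles:
            raise PermissionError("OIDC OP role not configured")
        for uri in redirect_uris:
            p = urlsplit(uri)
            loopback = p.scheme == "http" and p.hostname in ("localhost", "127.0.0.1")
            if p.fragment or not p.netloc or not (p.scheme == "https" or loopback):
                raise ValueError(f"unacceptable redirect URI: {uri}")
        client_id = secrets.token_urlsafe(16)
        client_secret = secrets.token_urlsafe(32)
        ent = RemoteEntity("OIDC RP", client_id, details={
            "name": name, "description": description,
            "redirect_uris": list(redirect_uris),
            # Only the hash is kept; the plaintext is shown to the operator once.
            "secret_sha256": hashlib.sha256(client_secret.encode()).hexdigest(),
        })
        self.entities[client_id] = ent
        return ent, client_secret

    def set_active(self, identifier, active):
        """Deactivate/reactivate without deleting the record."""
        self.entities[identifier].active = active
        return self.entities[identifier]

    def verify_client_secret(self, client_id, secret):
        """Constant-time check that also refuses deactivated clients."""
        ent = self.entities.get(client_id)
        if ent is None or not ent.active or ent.kind != "OIDC RP":
            return False
        digest = hashlib.sha256(secret.encode()).hexdigest()
        return secrets.compare_digest(digest, ent.details["secret_sha256"])


# Constructed sample: minimal SP metadata as an IdP-role deployment would import it.
SAMPLE_SP_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD}" entityID="https://sp.example.org/shibboleth">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.org/Shibboleth.sso/SAML2/POST" index="1"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""
```

The same registry serves the "Deactivate/activate remote entity" item: `set_active` flips a flag that every trust decision consults, so a deactivated SP or RP stays visible on the metadata screen for reactivation but cannot authenticate in the meantime.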

Information architecture

  • Dashboard

    • Overview of metadata management status.
    • Quick access to recent activities and common tasks.
  • Metadata Management

    • Federation-level: Interface to add/edit federation-wide metadata.
    • Individual SPs/IdPs: Interface to add/edit metadata for individual SPs/IdPs, with options for manual entry or file import.
  • Relation Management

    • Select SP/IdP: Dropdown or search functionality to select an SP/IdP.
    • Activate SP/IdP: Toggle to activate selected SP/IdP.
    • Attribute Release Policy (SP): ?Options to configure REFEDs entity categories for SPs.
    • Requested Attributes (IdP): ?Options to select requested entity categories for IdPs.
  • My Metadata

    • Display Name: Field to enter/display the name of the proxy.
    • ?Supported Entity Categories: Checklist or dropdown to select supported categories.
    • Logo: Upload functionality to add a logo.
