-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(jans-auth-server): specify minimum ACR for clients #343
Labels
comp-jans-auth-server
Component affected by issue or PR
kind-feature
Issue or PR is a new feature request
needs-triage
Issue or PR yet to be triaged. Add more labels or details that will help during triage review.
Comments
ghost
assigned yuriyz
Dec 27, 2021
Tagging @nynymike as the original author |
ghost
unassigned yuriyz
Jan 10, 2022
ossdhaval
added
comp-jans-auth-server
Component affected by issue or PR
needs-triage
Issue or PR yet to be triaged. Add more labels or details that will help during triage review.
labels
Jan 13, 2022
There is going to be new client properties:
For example, given:
If |
yuriyz
changed the title
Specify Minimum ACR for clients
feat(jans-auth-server): specify minimum ACR for clients
Nov 17, 2022
The client should ideally have more control over this priority. I updated your example above. |
@nynymike I like it, agreed. |
yuriyz
added a commit
that referenced
this issue
Nov 25, 2022
4 tasks
yuriyz
added a commit
that referenced
this issue
Nov 26, 2022
jgomer2001
pushed a commit
that referenced
this issue
Nov 28, 2022
* docs: docker installation (#3027) * docs: docker installation * docs: add quick-start page * docs: readme.md and compose,md made identical * docs: adjust warning as per github pages syntex * docs: replace docker with docker compose * docs: github page identical to compose page * docs: remove yml file deletion * docs: fix * docs: fix helm chart url * build(deps): bump zeebe-io/backport-action from 0.0.8 to 0.0.9 (#3060) Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.8 to 0.0.9. - [Release notes](https://github.com/zeebe-io/backport-action/releases) - [Commits](korthout/backport-action@v0.0.8...v0.0.9) --- updated-dependencies: - dependency-name: zeebe-io/backport-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * docs: improve vm install instructions (#3091) * docs: add sha check instructions for rhel * docs: add sha check instructions for suse * docs: formating and proofreading of install docs (#3092) * feat: add custom annotation for configuration property and feature flag documentation (#2852) * feat: add custom annotation for prop documentation * feat: add annotation processor * feat: annotate properties * feat: configure annotation processor * feat: add default value * feat: add annotation to enum * feat: add comment * feat: rename annotation * feat: rename processor class * feat: refactor to new core module * feat: fix test class errors * feat: rename the module * feat: add table and details view of content * feat: sort properties * feat: change wording - mandatory to required * feat: add exception handling and logging * feat: write file under classes output dir * feat: create output file under target directory * feat: rename property and file * feat: create separate annotation for feature flags * feat: code cleanup * fix: add description to properties * fix: add property descriptions from Gluu docs * fix: add descriptions from Swagger * fix(fido2): annotate fido config properties * feat(scim): configure property documentation annotations * fix: add module name to file and title * fix: add Feature Flag descriptions * fix: integrate doc generation with CI * fix: add tags to generated docs * fix: create separate sections for properties and flags * fix: update the artifact version for jans-doc * fix: contents of markdown files after merge * ci: remove token req * fix: sonar issues * fix: sonar issues * fix: sonar issues * fix: move doc generation to shell script Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com> * ci: use hotspath-storage in quickstart script * doc: remove redundant API details sections (#3093) * feat(jans-auth-server): specify minimum acr for clients #343 (#3083) * feat(jans-auth-server): specify minimum acr for clients #343 * feat(jans-auth-server): added minimum acr properties to dynamic registration #343 * doc(jans-auth-server): added docs and updated swagger with new minimum acr related properties #343 * docs: add kuberentes planning guide initial points * docs: add kuberentes planning guide initial points * Update certificates.md (#3096) * docs: scim logs Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Amro Misbah <amromisba7@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Dhaval D <343411+ossdhaval@users.noreply.github.com> Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com> Co-authored-by: YuriyZ <yzabrovarniy@gmail.com> Co-authored-by: mzico <mohib@gluu.org>
This was referenced Dec 1, 2022
This was referenced Jan 9, 2023
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
comp-jans-auth-server
Component affected by issue or PR
kind-feature
Issue or PR is a new feature request
needs-triage
Issue or PR yet to be triaged. Add more labels or details that will help during triage review.
nynymike commented on Oct 10, 2018
Customers want to be able to force a certain level of authentication to access certain clients. Is it possible to look at the
client_id
, and if the current session does not match the required acr, to force authentication with the requisite acr.yuriyz commented on Oct 10, 2018
Session tracks all clients that take part in SSO. So indeed we can check whether required level of acr is set per client or not. Do we want to have it as relative level number as defined by
auth_level_mapping
(on well-known json), e.g.50
or set acr e.g.otp
?I can take over it if needed.
qbert2k commented on Oct 12, 2018
There is already an array of default requested Authentication Context Class Reference values (
default_acr_values
) per client that can be overridden/forced by the request parameteracr_values
.nynymike commented on Oct 12, 2018
But only in the authentication phase. So if a person is already logged in, these are ignored. What we want to do is force reauthentication. For example, before a code is sent back to the client
The text was updated successfully, but these errors were encountered: