Replies: 1 comment 2 replies
-
I'd like to see this get pushed as well. Apple now require Shared Signals Framework to support third party IDPs |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
To quote the OpenID Shared Signals and Events working group page:
This recently gained some traction, with the OpenID RISC Profile Secification 1.0 being adopted as an OpenID implementer's draft: https://openid.net/2022/08/27/second-implementers-draft-of-risc-profile-approved/
This website from Cisco and the OpenID foundation does a great job at explaining what it is: https://sharedsignals.guide
Conceptually, it is a framework send security events between parties. There are currently two specs defining types of events:
I think it would make sense for Keycloak to support at least some of those events, both as a transmitter (the party sending those events) and as a receiver (the party getting those events). Personally, I'm interested with Keycloak sending those events, but receiving them would help for example to use Google's Cross-Account Protection (which is their marketing name for RISC events)
Beta Was this translation helpful? Give feedback.
All reactions