Replies: 1 comment 2 replies
-
|
I'd like to see this get pushed as well. Apple now require Shared Signals Framework to support third party IDPs |
Beta Was this translation helpful? Give feedback.
-
|
I'd love for keycloak to at least stub out an SSF implementation to fool the Apple "Set up your custom identity provider form" to let me click "Continue". It currently doesn't let you proceed without providing an SSF Config URL Apple docs: https://support.apple.com/en-au/guide/apple-business-manager/axmfcab66783/web |
Beta Was this translation helpful? Give feedback.
-
|
Signed up to Github just to +1 Steve's reply. Being able to use KeyCloak with Apple School Manager would be a complete game-changer! |
Beta Was this translation helpful? Give feedback.
-
To quote the OpenID Shared Signals and Events working group page:
This recently gained some traction, with the OpenID RISC Profile Secification 1.0 being adopted as an OpenID implementer's draft: https://openid.net/2022/08/27/second-implementers-draft-of-risc-profile-approved/
This website from Cisco and the OpenID foundation does a great job at explaining what it is: https://sharedsignals.guide
Conceptually, it is a framework send security events between parties. There are currently two specs defining types of events:
I think it would make sense for Keycloak to support at least some of those events, both as a transmitter (the party sending those events) and as a receiver (the party getting those events). Personally, I'm interested with Keycloak sending those events, but receiving them would help for example to use Google's Cross-Account Protection (which is their marketing name for RISC events)
Beta Was this translation helpful? Give feedback.
All reactions