Subject: Grouper Users - Open Discussion List
- From: "Bush,Judith" <>
- To: "" <>
- Subject: [grouper-users] Grouper Capability Question
- Date: Mon, 5 Aug 2019 18:44:28 +0000
I am investigating whether grouper can meet an SP use case.
Libraries are our customers. The librarians classify users for access purposes using rules that act on the claims made about the user in the authentication response the application receives. Essentially, users are put into groups. Obviously, if every library had an idp with grouper, the librarians could work with the IDP to classify the users for access purposes. However, not all do.
For our customers who need rules run against IDP assertions, would grouper have an on-demand mode? A call is made to grouper with the attributes and grouper responds with the claims?
Is it conceivable to provisioned the user from the claims, trigger grouper to evaluate the user, and then call grouper to get the user’s groups?
Thanks for your insights,
Identity and Access Management Architect at OCLC
- [grouper-users] Grouper Capability Question, Bush,Judith, 08/05/2019
Archive powered by MHonArc 2.6.19.