https://wiki.idesg.org/index.php?action=history&feed=atom&title=Migrate_to_Federated_Identity_Use_CaseMigrate to Federated Identity Use Case - Revision history2026-05-01T09:59:15ZRevision history for this page on the wikiMediaWiki 1.38.4https://wiki.idesg.org/index.php?title=Migrate_to_Federated_Identity_Use_Case&diff=4810&oldid=prevOmaerz: 4 revisions imported: Initial Upload of old pages from IDESG Wiki2018-06-28T04:02:19Z<p>4 revisions imported: Initial Upload of old pages from IDESG Wiki</p>
<p><b>New page</b></p><div>'''Status:''' <span style="background:#ff0000">Proposed</span> This Use Case is under development by members of the use cases ad hoc group.<br />
<br />
<br />
'''Title''': <br />
Migration to Federated Identity / Identity Linking<br />
<br />
<br />
'''Use Case Description''': <br />
A human user that possess a username and password for a web site is able to link their federated identity to their identity on the web site, and use that identity to access the web site in the future.<br />
<br />
<br />
'''Use Case Category''': Authentication Related<br />
<br />
<br />
'''Contributor''': Adam Lewis - Individual - Unaffiliated<br />
<br />
<br />
=== Use Case Details ===<br />
'''Actors''': <br />
* [[Actor:Human User]] – wants to obtain access to the web resource<br />
* [[Actor:Identity Service Provider]] – performs primary authentication of the claimant using credentials<br />
* [[Actor:Relying Party]] – wants to have some level of assurance about the identity of the claimant<br />
<br />
<br />
'''Goals / User Stories''': <br />
The goal here is to aid migration to an NSTIC ecosystem. The average human user today has dozens of identities on the Internet, some may even have hundreds. The human user should be able to obtain an identity from an identity provider and use that identity to access their data on relying parties which hold a unique identity for the user. The user should be able to link these identities together such that in future visits to the relying party, they may use only their federated identity and be capapble of accessing their data. The user should also be provided the ability to delete their local password.<br />
<br />
'''Assumptions''':<br />
It is assumed that the user already has one or more identities provisioned at web sites on the Internet. It is assumed that the user has since created a federated identity that is authenticated by a third-party identity provider. <br />
<br />
<br /><br />
'''Requirements''':<br />
* The relying party must enable the user to link their federated identity to their existing account info.<br />
* The relying party must enable the user have the option of destroying their password credential on the site.<br />
<br />
<br /><br />
'''Process Flow''':<br />
<ol><br />
<li><br />
<li><br />
<li><br />
</ol><br />
<br />
<br /><br />
'''Success Scenario''': <br />
The user's federated idetnity is linked to their legacy identity on the relying part.<br />
<br />
<br /><br />
'''Error Conditions''': <br />
<br />
* <br />
*<br />
*<br />
<br />
<br /><br />
=== Relationships ===<br />
<br />
'''Extended by:'''<br />
[[Use Case:Remote Identity Proofing]], [[Use Case:In-person Identity Proofing]]<br />
<br />
=== References and Citations ===<br />
* [[NIST_SP_800-63-1]]<br />
* <br />
<br /><br />
<br />
<br />
[[Category:Identity Management Use Cases]]<br />
[[Category:Use Cases]]<br />
[[Category:Concept]]</div>Omaerz