m (4 revisions imported: Initial Upload of old pages from IDESG Wiki) |
Latest revision as of 03:52, 28 June 2018
Example Login Scenario
Scenario Name: Using a digital identity to log into an RP
Scenario Description: User wants to either create an account at an RP or log in to an existing account at the RP. The RP provides a list of IdPs that it trusts, and the user selects one. The RP redirects the user to the selected IdP's login site, where the user enters their previously created identity and credential. The IdP validates the credential and redirects the user to the RP's site with an identifier that uniquely identifies this user at the IdP.
Corresponds to: Interactions C and D in Example scenario
File:Example LoginScenario.png
Interaction Details
More detailed descriptions of the interactions follow:
A. User visits RP site, wants to login or open/create an account
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
B. RP shows a list of IdPs it trusts
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
C. User selects one IdP
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
D. RP redirects user to IdP
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
E. User enters their identity and credential
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
F. IdP validates identity/credential combination, redirects user to RP along with a unique identifier for the user
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
G. RP receives unique identifier from IdP
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
G1. RP stores the unique identifier from IdP in its database (maps to its own account identifier)
Parties involved: Direction of the interaction: Data: Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations
H. RP logs user into their account
Parties involved: Direction of the interaction: Data: Sub-scenario: none
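The RP side of interactions B through H, as an added example that is not part of the original page: it shows why the RP keys its account mapping on the (IdP, identifier) pair, since the identifier is unique only at the issuing IdP. The class and method names, the `state` value that ties a response to the IdP selected in step C, and the IdP hostnames are assumptions made for illustration, and the IdP's response is assumed to have been authenticated already by whatever federation protocol is in use.

```python
import secrets

class RelyingParty:
    """Models RP-side steps B-D and G-H of the scenario (hypothetical names)."""

    def __init__(self, trusted_idps):
        self.trusted_idps = set(trusted_idps)   # step B: IdPs this RP trusts
        self.pending = {}                       # state -> IdP chosen in step C
        self.links = {}                         # (idp, idp_user_id) -> RP account id
        self.next_account = 1

    def begin_login(self, idp):
        """Steps C-D: user picked an IdP; bind the redirect to that choice."""
        if idp not in self.trusted_idps:
            raise ValueError("IdP not in trusted list")
        state = secrets.token_urlsafe(16)       # assumption: opaque one-time value
        self.pending[state] = idp
        return state

    def complete_login(self, state, idp, idp_user_id):
        """Steps G, G1, H: accept the identifier, map it, log the user in."""
        expected = self.pending.pop(state, None)  # one-time use, blocks replay
        if expected is None or expected != idp:
            raise PermissionError("response does not match a pending login")
        key = (idp, idp_user_id)                # unique only within this IdP
        if key not in self.links:               # G1: first visit creates the account
            self.links[key] = self.next_account
            self.next_account += 1
        return self.links[key]                  # H: RP account to log into


def demo():
    rp = RelyingParty(["idp-a.example", "idp-b.example"])  # constructed sample IdPs
    first = rp.complete_login(rp.begin_login("idp-a.example"), "idp-a.example", "1001")
    again = rp.complete_login(rp.begin_login("idp-a.example"), "idp-a.example", "1001")
    other = rp.complete_login(rp.begin_login("idp-b.example"), "idp-b.example", "1001")
    return first, again, other


if __name__ == "__main__":
    print(demo())
```

The same identifier "1001" arriving from a second IdP maps to a different RP account, which is the collision the pair key prevents.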