Example Login Scenario

From IDESG Wiki
Revision as of 03:52, 28 June 2018 by Omaerz (talk | contribs) (4 revisions imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Example Login Scenario

Scenario Name: Using a digital identity to log into an RP

Scenario Description: User wants to either create an account and an RP or wants to login to an existing account at the RP. RP provides a list of IdPs that it trusts, user selects an IdP. RP redirects the user to the selected IdP's login site, user enters their previously created identity and credential. IdP validates the credential and redirects the user to the RP's site with an identifier that uniquely identifies this user at the IdP.

Corresponds to: Interactions C and D in Example scenario

File:Example LoginScenario.png

Interaction Details

More detailed description for the interactions are


A. User visits RP site, wants to login or open/create an account

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

B. RP shows a list of IdPs it trusts

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

C. User selects one IdP

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

D. RP redirects user to IdP

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

E. User enters their identity and credential

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

F. IdP validates identity/credential combination, redirects user to RP along with a unique identifier for the user

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

G. RP receives unique identifier from IdP

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

G1. RP stores the unique identifier from IdP in its database (maps to its own account identifier)

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations

H. RP logs user into their account

   Parties involved: 
   Direction of the interaction:
   Data: 
   Sub-scenario: none
Security Considerations
Privacy Considerations
Standards Considerations
UX Considerations
Policy Considerations