Change Identity Provider Use Case
Status: Proposed. This Use Case is under development by members of the use cases ad hoc group.
Title: Authenticate Person
Use Case Description: A human user browses to a website which requires authentication. The website provides the user the ability to authenticate their identity using an Identity Service Provider of the user’s own choice.
Use Case Category: Consumer Choice
Contributor: Adam Lewis - Individual - Unaffiliated
Use Case Details
Actors:
- Actor: Human User – wants to obtain access to the web resource
- Actor: Identity Provider – performs primary authentication of the claimant using credentials
- Actor: Relying Party – wants to have some level of assurance about the identity of the claimant
Goals / User Stories:
The human user is able to choose an initial Identity Provider and then later move their identity to a different Identity Provider, and retain the ability to use that identity at the same relying parties where it was used with the initial Identity Provider. The goal of this use case is centered on consumer choice: giving the end user the ability to own their identity and to choose different Identity Providers over a span of time without having to re-create their accounts at relying parties.
Assumptions: It is assumed that the human user has used an Identity at a first Identity Provider to obtain access to at least one relying party.
Requirements:
- The human user must be capable of porting their identity from a first Identity Provider to a second Identity Provider
- The human user must be able to use the second Identity Provider to authenticate to the same relying parties without having to recreate their accounts.
Process Flow:
Success Scenario:
The user is able to use the same Identity at relying parties that previously consumed assertions from the first identity provider.
Error Conditions:
- The relying party rejects the assertion from the second identity provider.
Relationships
Extended by:
References and Citations