Creating Composite Claims from Multiple Providers
Title:
Creating Composite Claims from Multiple Providers
Use Case Description:
Creating composite claims allows the combination of claims from identity and attribute providers to be put together into a single "bag of claims" to be delivered to a relying party. This operation can occur in the user device or in the relying party.This case considers only composition within the user device. See the Progressive Authentication Use Case for composition of claims within the relying party.
Use Case Category:
Contributor:
Tom Jones
Use Case Details
Actors:
- User exists in the real world.
- User Agent is the digital device that represents the user in the digital world.
- Identity Provider (IdP) is the one provider that controls the name space where the user's identifier resides.
- Attribute Provider is any source of claims beyond the IdP.
Goals:
A single RESTful web request can include sufficient claims to allow relying parties to give seamless access to a single HTTP GET operation.
Assumptions:
- There is one identity from one Identity Provider that is used throughout the case considered here.
Requirements:
Process Flow:
Success Scenario:
Error Conditions:
Relationships
- Extended by:
- Progressive Authentication Use Case considers the compositing of claims inside the relying party.
- Extension of:
References and Citations