...
For this purpose we have set up a specific collaboration inside COMANAGE, which acts as Attribute Authority, integrating the basic attributes
User Workflow
Register your identity. A VO sponsor is the admin of that Collaboration: identities are managed by the admin in the COMANAGE admin interface at https://am03.pilots.aarc-project.eu/registry/
User Workflow for interested users:
The user accesses the OpenStack Dashboard to use the OpenStack cluster, which is configured as a SAML SP (the user lands on the sign-up page, either directly or indirectly).
The user opens the web page.
WAYF page: the user selects either the HO IdP (boring for us) or a Social Link page (social IdPs).
...
COMANAGE does not store the Google ID, but the one generated by the EGI SP. This acts as the primary key.
When the user tries to log in on the SP (the OpenStack dashboard, URL of the EGI pilot OpenStack, am02) --> sign-up page.
He logs in with his Google account.
Mapped to Keystone: the mapping is based on eduPersonEntitlement or MemberOf(). We also add the membership of specific collaborations inside COMANAGE to the mapping.
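A simplified sketch of the mapping step above, added here as an example (it is not the pilot's configuration and not Keystone's own mapping code): membership values asserted by the Attribute Authority are matched exactly against an allow-list, and a login with no matching value is refused. The attribute keys REMOTE_USER and isMemberOf, the ';'-separated delivery of multi-valued attributes, the URNs and the group names are assumptions.

```python
# Added illustration, not Keystone's mapping engine and not the pilot's rules.
# Attribute keys and URN values below are constructed placeholders.
RULES = {
    "urn:example:aarc-pilot:group:cloud-users": "pilot-users",
    "urn:example:aarc-pilot:group:cloud-admins": "pilot-admins",
}
MEMBERSHIP_ATTRS = ("eduPersonEntitlement", "isMemberOf")  # assumed names


def split_values(raw):
    """Split a multi-valued attribute delivered as one ';'-separated string."""
    return [v.strip() for v in (raw or "").split(";") if v.strip()]


def map_assertion(attrs, rules=RULES):
    """Return {'user', 'groups'} for a mapped login, or None to refuse it."""
    user_id = (attrs.get("REMOTE_USER") or "").strip()
    if not user_id:
        return None  # no SP-generated identifier to key the account on
    asserted = set()
    for name in MEMBERSHIP_ATTRS:
        asserted.update(split_values(attrs.get(name)))
    # Exact, case-sensitive match only: a value that merely starts with or
    # contains an allowed URN must not be granted the group.
    groups = sorted({rules[v] for v in asserted if v in rules})
    if not groups:
        return None  # authenticated but not a member: deny by default
    return {"user": user_id, "groups": groups}


if __name__ == "__main__":
    samples = [  # constructed assertions
        {"REMOTE_USER": "a1b2c3@sp.example.org",
         "eduPersonEntitlement": "urn:example:aarc-pilot:group:cloud-users;urn:example:other"},
        {"REMOTE_USER": "d4e5f6@sp.example.org",
         "eduPersonEntitlement": "urn:example:aarc-pilot:group:cloud-users-test"},
        {"eduPersonEntitlement": "urn:example:aarc-pilot:group:cloud-admins"},
    ]
    for s in samples:
        print(map_assertion(s))
```

The user key is the SP-generated identifier, not the Google ID, matching the primary-key choice described above.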
=================================================== WF is done ==========================================================
===========================================================================
Invitation-based flow
===========================================================================
Account link
=======================================================================================================================