...
- Initial setup after installation
Context: the proxy instance may participate in one or more federations (federation being a generic term here, covering SAML federations, a set of OIDC parties, and an intra-organization set of entities, i.e. an internal federation). This is what makes it a proxy. It will therefore have an identity as a service provider (SAML SP or OIDC RP), as an identity provider (SAML IdP or OIDC OP), or both. These are the deployment's role(s).
- After the deployment, the "My Metadata" screen is empty.
- With an "Add Role" (we might rename it if there is a better suggestion) button the user selects one of the following: SAML IdP, OIDC OP, SAML SP, OIDC RP.
- Regardless of what is selected, the user can set up a Display Name and a Logo for that given role.
- If SAML IdP is selected, there is a checklist of supported entity categories:
  - Research and Scholarship
  - Anonymous Access (v2)
  - Pseudonymous Access (v2)
  - Personalized Access (v2)
- If SAML SP is selected:
  - Research and Scholarship
  - Code of Conduct
- Adding remote entity metadata
Context: the user adds metadata for the entities this deployment should know and trust.
- On the metadata management screen the user presses "add remote entity metadata"
- The options are conditional on the roles.
- If the instance has the SAML IdP role, there is an option to add SAML SP metadata XML (or a URL to download it from).
- If the instance has the OIDC OP role, there is an option to add a redirect URI, name and description (the instance provisions the client ID and client secret).
- If the instance has the SAML SP role, there is an option to add SAML IdP metadata.
- If the instance has the OIDC RP role, there is an option to add an OIDC OP.
- Deactivate/activate remote entity
- On the metadata screen, entities already added to the instance can be deactivated and reactivated (e.g. via a button or check box). TBD
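To make the role-conditional registration in "Adding remote entity metadata" and the activate/deactivate toggle above concrete, here is an added example (not the project's code) of an in-memory registry that only offers the remote-entity kinds the instance's roles permit, parses a constructed SAML SP metadata sample for its entityID and AssertionConsumerService, provisions an OIDC client ID and secret (storing only a hash of the secret), and treats a deactivated entity as untrusted. The registry class, role names and sample metadata are all assumptions made for this illustration.

```python
"""Role-conditional remote-entity registry for a SAML/OIDC proxy.

Hypothetical example; class and role names are this example's own, not the
project's. Uses the standard library only.
"""
import hashlib
import hmac
import secrets
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from urllib.parse import urlsplit

SAML_MD = "urn:oasis:names:tc:SAML:2.0:metadata"

# Which kind of remote entity each local role may register (mirrors the text).
REMOTE_KIND_FOR_ROLE = {
    "SAML_IDP": "saml_sp",      # IdP role -> register SAML SP metadata
    "OIDC_OP": "oidc_client",   # OP role  -> register an OIDC client (RP)
    "SAML_SP": "saml_idp",      # SP role  -> register SAML IdP metadata
    "OIDC_RP": "oidc_op",       # RP role  -> register an OIDC OP
}

# Constructed sample: a minimal SAML SP EntityDescriptor.
SAMPLE_SP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.org/shibboleth">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.org/Shibboleth.sso/SAML2/POST" index="1"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


@dataclass
class RemoteEntity:
    kind: str
    entity_id: str
    active: bool = True          # the deactivate/reactivate toggle
    attrs: dict = field(default_factory=dict)


class ProxyRegistry:
    def __init__(self, roles):
        unknown = set(roles) - set(REMOTE_KIND_FOR_ROLE)
        if unknown:
            raise ValueError(f"unknown role(s): {unknown}")
        self.roles = set(roles)
        self.entities = {}

    def allowed_kinds(self):
        """Remote-entity kinds this instance may register, derived from its roles."""
        return {REMOTE_KIND_FOR_ROLE[r] for r in self.roles}

    def add_saml_sp_metadata(self, xml_text):
        if "saml_sp" not in self.allowed_kinds():
            raise PermissionError("instance has no SAML IdP role")
        # Production code should parse untrusted metadata with a hardened parser.
        root = ET.fromstring(xml_text)
        if root.tag != f"{{{SAML_MD}}}EntityDescriptor":
            raise ValueError("not a SAML EntityDescriptor")
        entity_id = root.get("entityID")
        acs = [e.get("Location")
               for e in root.iter(f"{{{SAML_MD}}}AssertionConsumerService")]
        if not entity_id or not acs:
            raise ValueError("metadata lacks entityID or AssertionConsumerService")
        ent = RemoteEntity("saml_sp", entity_id, attrs={"acs": acs})
        self.entities[entity_id] = ent
        return ent

    def add_oidc_client(self, name, redirect_uri, description=""):
        if "oidc_client" not in self.allowed_kinds():
            raise PermissionError("instance has no OIDC OP role")
        u = urlsplit(redirect_uri)
        if u.scheme != "https" or not u.netloc or u.fragment:
            raise ValueError("redirect URI must be an absolute https URI without fragment")
        client_id = secrets.token_urlsafe(16)
        client_secret = secrets.token_urlsafe(32)   # shown to the admin once
        ent = RemoteEntity("oidc_client", client_id, attrs={
            "name": name, "description": description,
            "redirect_uris": [redirect_uri],
            # Only a hash of the secret is kept at rest.
            "secret_hash": hashlib.sha256(client_secret.encode()).hexdigest(),
        })
        self.entities[client_id] = ent
        return ent, client_secret

    def verify_client_secret(self, client_id, presented):
        """Constant-time check; a deactivated client never authenticates."""
        ent = self.entities.get(client_id)
        if ent is None or not ent.active or ent.kind != "oidc_client":
            return False
        digest = hashlib.sha256(presented.encode()).hexdigest()
        return hmac.compare_digest(digest, ent.attrs["secret_hash"])

    def set_active(self, entity_id, active):
        self.entities[entity_id].active = bool(active)

    def is_trusted(self, entity_id):
        ent = self.entities.get(entity_id)
        return ent is not None and ent.active
```

The `allowed_kinds` lookup is what drives the conditional "add remote entity metadata" options: an instance with only the SAML SP role gets a `PermissionError` on `add_oidc_client`, and flipping `active` to `False` makes both `is_trusted` and `verify_client_secret` refuse the entity without deleting its record.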
Information architecture
Dashboard
- Overview of metadata management status.
- Quick access to recent activities and common tasks.
Metadata Management
- Federation-level: Interface to add/edit federation-wide metadata.
- Individual SPs/IdPs: Interface to add/edit metadata for individual SPs/IdPs, with options for manual entry or file import.
Relation Management
- Select SP/IdP: Dropdown or search functionality to select an SP/IdP.
- Activate SP/IdP: Toggle to activate selected SP/IdP.
- Attribute Release Policy (SP): ?Options to configure REFEDS entity categories for SPs.
- Requested Attributes (IdP): ?Options to select requested entity categories for IdPs.
My Metadata
- Display Name: Field to enter/display the name of the proxy.
- ?Supported Entity Categories: Checklist or dropdown to select supported categories.
- Logo: Upload functionality to add a logo.
...