...
- After deployment, the "My Metadata" screen is initially empty.
- Using an "Add Role" button (we might rename it if a better suggestion arises), the user can select one of the following: SAML IdP, OIDC OP, SAML SP, OIDC RP.
- Regardless of the selected role, the user can set up a Display Name and a Logo.
- If the SAML IdP role is selected, a checklist of supported entity categories will be available:
  - Research & Scholarship
  - Anonymous Access (v2)
  - Pseudonymous Access (v2)
  - Personalised Access (v2)
- If the SAML SP role is selected, the following settings/attributes are available:
  - Research & Scholarship
  - Code of Conduct
As a System Administrator,
I want to set up the initial identity roles and metadata for the newly installed instance, so that the instance can participate in one or more federations as either a Service Provider (SP/RP), Identity Provider (IdP/OP), or both.
Description:
Upon completion of the installation process, the system instance must be configured to participate in one or more federations. These federations may include SAML federations, a collection of OpenID Connect (OIDC) parties, or internal organizational federations. The instance can assume the role of a SAML Service Provider (SP), SAML Identity Provider (IdP), OIDC Relying Party (RP), OIDC OpenID Provider (OP), or a combination of these roles.
Acceptance Criteria:
Initial Screen State:
- After deployment, the "My Metadata" screen should be displayed with no pre-configured roles or metadata.
Add Role Button:
- A button labeled "Add Role" should be available on the "My Metadata" screen. This button may be renamed based on better suggestions for clarity.
- When the "Add Role" button is clicked, the user should be presented with a selection of roles:
  - SAML Identity Provider (SAML IdP)
  - OIDC OpenID Provider (OIDC OP)
  - SAML Service Provider (SAML SP)
  - OIDC Relying Party (OIDC RP)
Role Configuration:
- Upon selecting any of the roles, the user should be able to configure the following general attributes:
  - Display Name: A user-defined name that will represent this role within the federation.
  - Logo: An optional logo image that visually represents the role in the federation.
SAML IdP Role Configuration:
- If the user selects the SAML IdP role, they should be presented with a checklist of supported entity categories to choose from:
  - Research & Scholarship
  - Anonymous Access (v2)
  - Pseudonymous Access (v2)
  - Personalized Access (v2)
SAML SP Role Configuration:
- If the user selects the SAML SP role, they should be provided with the option to configure the following settings/attributes:
  - Research & Scholarship
  - Code of Conduct
Notes:
- The user interface should be intuitive and guide the user through the process of role selection and configuration.
- The roles and their configurations should be saved and reflected in the "My Metadata" screen after the setup is completed.
- Future updates may include additional roles or settings based on evolving federation requirements.
Adding remote entity metadata
...