workday - Re: [InC-Workday] SAML-based step-up authentication details
Subject: Discussion of use cases and implementation experience integrating with Workday
List archive
- From: "Belcher, C W" <>
- To: "" <>
- Subject: Re: [InC-Workday] SAML-based step-up authentication details
- Date: Wed, 11 May 2016 19:32:29 +0000
- Accept-language: en-US
- Authentication-results: incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=none action=none header.from=austin.utexas.edu;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:23
Yes, that is my understanding. The authn context value will be specified in the step-up authentication SAML configuration per WD tenant. We are not planning on getting a forceauthn flag from WD. Thanks, CW —— C.W. BELCHER, Associate Director Identity & Access Management | Information Technology Services — Applications The University of Texas at Austin | 512-232-6519 | FAC 326R From: <> on behalf of "Michael W. Brogan" <> As far as I know Workday isn’t federated; everyone has their own tenant. I think Workday’s plan is to expose a configuration item in the SAML admin UI that allows a site to set an AuthnContextClassRef that their IdP is expecting. --Michael From: [mailto:] On Behalf Of Nathan A. Dors Yesterday, Archana Ramamoorthy from Workday confirmed they're "thinking of utilizing AuthnContextClassRef" for step-up authentication using SAML. Workday Community users can read that here: https://community.workday.com/idea/90665 Is anyone in on the details? Are we collaborating on the specification of useful AuthnContextClassRef values? Has there been any related discussion about configuring ForceAuthn? Do we need that in WD or are we all applying business rules within our SSO engines to decide when to force reauthentication? This looks like great progress toward federated MFA in WD27. Kudos to everyone who's contributed thus far. -Nathan |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- [InC-Workday] SAML-based step-up authentication details, Nathan A. Dors, 05/11/2016
- RE: [InC-Workday] SAML-based step-up authentication details, Cantor, Scott, 05/11/2016
- RE: [InC-Workday] SAML-based step-up authentication details, Michael W. Brogan, 05/11/2016
- Re: [InC-Workday] SAML-based step-up authentication details, Belcher, C W, 05/11/2016
- Re: [InC-Workday] SAML-based step-up authentication details, Nathan A. Dors, 05/12/2016
- Re: [InC-Workday] SAML-based step-up authentication details, Nathan A. Dors, 05/12/2016
- Re: [InC-Workday] SAML-based step-up authentication details, Nathan A. Dors, 05/12/2016
- Re: [InC-Workday] SAML-based step-up authentication details, Belcher, C W, 05/11/2016
Archive powered by MHonArc 2.6.16.