PURPOSE#The working group will develop the basic structures needed for the creation of multi-party federations between OAuth2 entities.
The intent is to create a foundation of trust and drive down the cost of collaboration by publishing technical and legal information. These structures will include the set of APIs and related data structures enabling an OAuth entity to manage which entities it trusts and for other OAuth entities to discover members of the federation and details of the services.
The Work Group is necessary to bring together collaborators from existing SAML federations and the OAuth 2.0 community to collaborate on a draft solution that meets their shared goals in this area and takes into account lessons learned from the past ten years of SAML.
Specifically, this Work Group is responsible for:
- Developing a set of use cases and requirements that are specific enough to guide the specification design work
- Developing a set of modular draft specifications meeting these use cases and requirements
- Overseeing the contribution of each resulting draft specification to a standards-setting organization
SCOPE#The APIs and data structures will enable a Discovery Mechanism of the members of the federation and details about their services, key material and technical capabilities. The final scope will be refined after consideration of the use cases.
Existing SAML Federation XML structures will inform this work, but the data structures will not be expressed in XML but in JSON. The functions supported in existing SAML federations should be supported. Additionally, support for a more efficient and scalable discovery process and dynamic integration process will be considered.