4 Replies Latest reply: Nov 11, 2010 11:38 AM by Markus Decke RSS

    PicketLink 2 :: STS API Discussion

    Anil Saldhana Master

      I want to dedicate this thread to discuss the possibilities for a generic API for the STS to cater to the various FIM standards/tech available such as SAML2, WS-T, OpenID and OAuth.

       

      It is my belief that all token formats can be captured into a select set of representation and can be handled by a generic STS.

       

      The API needs to:

      1. Issue a token
      2. Validate a token
      3. Renew a token
      4. Cancel a token.

       

       

       

      Let us look at the various technologies/standards that we want to support:

       

      Standard
      Token Format
      Reference
      SAML2XML
      WS-TrustXML
      OpenIDBinaryhttp://dev.aol.com/OpenidTokenExchange
      OAuthBinaryhttp://tools.ietf.org/html/draft-ietf-oauth-v2-10

       

      My initial take is to go with the token format in the API to be byte[].