Credential Delegation

The credential delegation protocol allows a client program to delegate a user's credentials to a service such that that service may make requests of other services in the name of that user.

It exists a REC that defines a REST service that works alongside other IVO services to enable such a delegation in a secure manner. It is based on X509 certificate delegation capability (proxy certificates).

Delegation based on token is the next step. It is necessary to implement also Authorization protocols (e.g. the group managment requires a delegation to allow services to query the GMS service on behalf of the user).

A discussion is on going since 2020 Virtual Interoperability Meeting

Credential delegation discussions:


Topic revision: r1 - 2020-06-02 - GiulianoTaffoni
 
This site is powered by the TWiki collaboration platformCopyright © 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback