Using SuperGluu for end user authentication in CIBA flow

By: Janis Kulins user 10 Jun 2021 at 6:37 a.m. CDT

2 Responses
Janis Kulins gravatar
Hello, during ciba setup, we realised, that standard arc_value requested methods are not used, but system always go to separate CIBE End user notification script. Or if no configured, start checking firabase for user info (enverything as described in docs) Why standard end user authentication approach is not used here (pushing acr values via initial request to enforce specific personal authentication scripts), and is there any technical obstacles to use super gluu in that case (remove login and browser part in general). Thank you in advance.
Gluu 4.2.3 CentOS 8.0
closed

Answers

By Mohib Zico Account Admin 20 Jun 2021 at 2:24 p.m. CDT

Copy
Mohib Zico gravatar
Hi Janis, Please allow me to talk to CIBA dev...

By Milton Ch. staff 26 Jul 2021 at 10:01 a.m. CDT

Copy
Milton Ch. gravatar
Hi Janis, currently CIBA specs define that only back channel can be used, so that's why you see only interception script and Firebase configuration supported, even though it uses third channel to send authorization url to the user, flow in the device is processed as a normal authentication, it uses our pages to authenticate end user. Currently Super Gluu is not supported for this purpose. Let us know any further questions about this.

Post an answer