By: hyunwoo kim named 26 Nov 2019 at 1:11 a.m. CST

3 Responses

Hi. I read about Pairwise IDs in the OpenID Connect Provider section of the Gluu 4.0 Doc. Can this control access to the OIDC Client? What role does Pairwise IDs play?

Gluu 4.0 Ubuntu 16.04

closed

By Mohib Zico staff 26 Nov 2019 at 2:57 a.m. CST

Copy

Pairwise Identifier is like persistent Identifier of SAML. Goal is to release same identifier for each person in various websites ( though different subject identifier for each websites ). I haven't used pairwise id for authorization but it's a good thing to test for sure.

By William Lowe user 26 Nov 2019 at 9:24 a.m. CST

Copy

OpenID Connect offers two types of subject identifiers: public or pairwise. With Public Subject Identifier, the sub=claim is the user ID or equivalent, e.g. sub=will. This allows the possibility of correlating user activity across multiples sites. The Pairwise Subject Identifier allows each client to get issued a non-reversible hash of the sub=claim, which prevents correlation of a specific user across multiple sites.

By hyunwoo kim named 27 Nov 2019 at 7 p.m. CST

Copy

Thanks to answer.

You need to Login in order to post an answer

Whit is pairwise IDs?

By: hyunwoo kim named 26 Nov 2019 at 1:11 a.m. CST

Answers

By Mohib Zico staff 26 Nov 2019 at 2:57 a.m. CST

By William Lowe user 26 Nov 2019 at 9:24 a.m. CST

By hyunwoo kim named 27 Nov 2019 at 7 p.m. CST

Post an answer