
I am looking for a way to perform attribute query from the SP to the IDP not associated with a specific login session #912

Open
lee-elenbaas opened this issue Jun 12, 2023 · 1 comment

Comments

@lee-elenbaas

I am looking for a way to perform attribute query from the SP to the IDP not associated with a specific login session
I did not find any way to do it outside of getting the attributes as part of a login process,

and I need to be able to keep my cached copy of those values up to date on the SP side, and have it updated on the SP side automatically when they change on the IDP side.

@c00kiemon5ter (Member)

Using a saml2.client.Saml2Client instance, you can invoke do_attribute_query(...), or try create_attribute_query(...) for a lower-level API. Check how the tests use those methods.

The SAML Response dictates for how long the attribute statement is valid; you can then choose to invalidate the session and request the user to re-authenticate. Keeping the subject's attributes up to date within a session is only possible by having the client query the attribute authority, but this is not how entities are set up most of the time.

It sounds like what you would want is similar to invoking the userinfo endpoint in OIDC, which would/should return fresh information about the user.
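Added example, not code from the issue or from pysaml2: the wire-level version of what the reply above points at. It builds the `samlp:AttributeQuery` an SP sends to an attribute authority for a NameID it already knows (no login session involved), then consumes a `samlp:Response`, enforcing `InResponseTo`, status, `NotBefore`/`NotOnOrAfter` and `AudienceRestriction`, and uses `NotOnOrAfter` as the TTL of the SP-side cached copy, which is the "for how long the attribute statement is valid" point in the reply. It uses only the standard library; pysaml2's `create_attribute_query` / `do_attribute_query` produce and handle these same messages with signing and transport taken care of. Signature verification is deliberately omitted, and every entity ID, URL, attribute name and the sample response are constructed for the demo.

```python
"""SAML 2.0 AttributeQuery round trip, standard library only (added example, not pysaml2 code).
The SP queries an attribute authority about a known NameID with no login session, consumes
the Response, enforces Conditions and uses NotOnOrAfter as the cache TTL. No signing;
entity IDs, URLs, attribute names and the sample response are constructed for this demo.
"""
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"samlp": SAMLP, "saml": SAML}
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
URI_FORMAT = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)

def parse_saml_time(text):
    """xs:dateTime in UTC, with or without fractional seconds."""
    for fmt in ("%Y-%m-%dT%H:%M:%SZ", "%Y-%m-%dT%H:%M:%S.%fZ"):
        try:
            return datetime.strptime(text, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            pass
    raise ValueError(f"bad SAML timestamp: {text!r}")

def build_attribute_query(sp_entity_id, aa_url, name_id, name_id_format, attr_names, now):
    """Return (request ID, XML). SAML IDs must be NCNames, hence the leading underscore."""
    req_id = "_" + uuid.uuid4().hex
    q = ET.Element(f"{{{SAMLP}}}AttributeQuery", {"ID": req_id, "Version": "2.0",
                   "IssueInstant": now.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
                   "Destination": aa_url})
    ET.SubElement(q, f"{{{SAML}}}Issuer").text = sp_entity_id
    subject = ET.SubElement(q, f"{{{SAML}}}Subject")
    ET.SubElement(subject, f"{{{SAML}}}NameID", {"Format": name_id_format}).text = name_id
    for name in attr_names:  # omitting saml:Attribute entirely asks for all releasable attributes
        ET.SubElement(q, f"{{{SAML}}}Attribute", {"Name": name, "NameFormat": URI_FORMAT})
    return req_id, ET.tostring(q, encoding="unicode")

def parse_attribute_response(xml_text, expected_request_id, sp_entity_id, now):
    """Return ({attribute name: [values]}, valid_until) or raise ValueError.
    Signature verification is out of scope; a real SP must verify it before trusting any of this."""
    root = ET.fromstring(xml_text)  # production: defusedxml or pysaml2's own parser
    if root.tag != f"{{{SAMLP}}}Response":
        raise ValueError("not a samlp:Response")
    if root.get("InResponseTo") != expected_request_id:
        raise ValueError("InResponseTo does not match our query ID")
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or status.get("Value") != STATUS_SUCCESS:
        raise ValueError("attribute authority did not return Success")
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        raise ValueError("no assertion in response")
    valid_until, cond = None, assertion.find("saml:Conditions", NS)
    if cond is not None:
        if cond.get("NotBefore") and now < parse_saml_time(cond.get("NotBefore")):
            raise ValueError("assertion not yet valid")
        if cond.get("NotOnOrAfter"):
            valid_until = parse_saml_time(cond.get("NotOnOrAfter"))  # this is the cache TTL
            if now >= valid_until:
                raise ValueError("assertion expired")
        audiences = [a.text for a in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
        if audiences and sp_entity_id not in audiences:
            raise ValueError("assertion not addressed to this SP")
    attrs = {}
    for attr in assertion.findall("saml:AttributeStatement/saml:Attribute", NS):
        attrs[attr.get("Name")] = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
    return attrs, valid_until

def cache_lookup(cache, name_id, now):
    """cache maps NameID -> (attrs, valid_until); returns attrs, or None when absent or expired."""
    attrs, valid_until = cache.get(name_id, (None, None))
    if attrs is not None and valid_until is not None and now >= valid_until:
        del cache[name_id]  # TTL reached: caller must re-query the attribute authority
        return None
    return attrs

def sample_response(in_response_to):
    """Constructed, unsigned attribute-authority response used by the demo and tests."""
    return f"""<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" ID="_r1" Version="2.0"
  IssueInstant="2023-06-12T10:00:00Z" InResponseTo="{in_response_to}">
  <saml:Issuer>https://idp.example.org/idp</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="{STATUS_SUCCESS}"/></samlp:Status>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2023-06-12T10:00:00Z">
    <saml:Issuer>https://idp.example.org/idp</saml:Issuer>
    <saml:Subject><saml:NameID>alice@example.org</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2023-06-12T09:59:00Z" NotOnOrAfter="2023-06-12T10:05:00Z">
      <saml:AudienceRestriction><saml:Audience>https://sp.example.org/sp</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AttributeStatement>
      <saml:Attribute Name="urn:oid:2.5.4.42"><saml:AttributeValue>Alice</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1"><saml:AttributeValue>member</saml:AttributeValue><saml:AttributeValue>staff</saml:AttributeValue></saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
```

The cache answers the "keep it up to date" part of the question the only way the protocol supports: SAML has no push from the IdP to the SP when an attribute changes, so the SP re-queries the attribute authority once `NotOnOrAfter` has passed (or sooner, on its own schedule), and the authority's own `Conditions` bound how long each answer may be cached. Whether the IdP exposes an AttributeService at all, and to which SPs, is a metadata and policy question, which is the "not how entities are set up most of the time" caveat above.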
