Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-4710

Ability to address authentication based on level of assurance

    XMLWordPrintable

Details

    • Enhancement
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • None
    • None
    • None
    • NEW
    • NEW

    Description

      NIST has come up with https://pages.nist.gov/800-63-3/. Authentication is not a binary function anymore and cannot be tied to an authenticator.

      Authentication engine should address "Authentication Assurance Levels" and tie it back to Authentication class reference as specified in SAML and OIDC.

      Enhancement request to extend session module and authentication module to support Authentication assurance levels, individual session policies and a way to support step-up authentication and step down based on session timeout.

      This is not a request for actual implementation rather extend the base framework and APIs to at least support a custom build of this framework over APIs

      Thanks.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              santoshharanath Santosh Haranath (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: