[Satosa-dev] Accessing IdP metadata from within a microservice

Scott Koranda skoranda at sphericalcowgroup.com
Tue May 15 14:23:55 UTC 2018

Hi Matthew,

> You mentioned last week something about accessing the metadata of the
> IdP used to authenticate the user from within a microservice.  This was
> in the context of using information such as REFEDS R&S or SirTiFi
> compliance to make access control decisions in SATOSA at time of
> authentication.  Would you mind elaborating?

There is a pull request for the SATOSA microservices that implements a
first draft of the "IdP Metadata Attribute Store":


There are two files in the pull request: one for the microservice and
one showing example configuration.

Please take a look at it when you have time.

You will also see that Ivan has a number of suggestions/requirements for
the microservice before the pull request can be accepted. I intend to
make all of those changes (and your email is probably a good excuse to
get to it).

It would be helpful if you can look at the plugin and let me know what
it does not do that you need it to do...


Scott K

More information about the Satosa-dev mailing list