see 2021
on-demand
close
Session / Architecture & Standards

<RequestedAuthnContext> Considered Harmful and Other Federation Protocol Features to be Reconsidered

Wednesday, June 23
11:00am - 11:25am MDT

Secured federated authentication requires more than just a username and password in a Web form or possibly an on-premises Kerberos authentication. Organizations are developing authentication policies that may require many features including multifactor or passwordless authentication methods, allowed or restricted network locations, device configuration compliance, and user risk among other possibilities. Unfortunately, many of our federation protocols were designed prior to these needs becoming evident. This session will help both application developers and federation solution owners understand some common protocol features that may need to be reconsidered in this modern environment. Specific issues or limitations that may be encountered by using these features will be discussed, along with alternatives to meet the needs these features may provide.