SSO: Single Sign On
The IVOA single-sign-on architecture is a system in which users assign cryptographic credentials to user agents so that the agents may act with the user's identity and access rights. This standard describes how agents use those credentials to authenticate the user's identity in requests to services. This standard describes also the authentication mechanism of an application or a service making a call (on behalf of someone or something else) to an API or to another service. This document is essentially a profile against existing security standards; that is, it describes how an existing standard should be applied in an IVOA application to support single sign-on capabilities in the IVOA. In the following sections, we make specific references to details spelled out in these standards. For the purposes of validating against this standard, those referenced documents should be consulted for a full explanation of those details.
The last stable version is REC-2.0.
Next version will be 2.1. A [Working Draft ] is under discussion. It is not yet finalized and so, should not be considered yet as stable for operational implementation.
See also the section Releases of this GitHub Repository.
This GitHub repository contains the sources of the IVOA document describing SSO profiles.
Only the LaTeX version is available here. No output version (e.g. PDF, HTML, DOC) should be stored in this repository.
-
Raise a GitHub Issue on this repository
-
Fork this repository (eventually clone it on your machine if you want to)
-
Create a branch in your forked repository ; this branch should be named after the issue(s) to fix (for instance:
issue-7-add-license
) -
Commit suggested changes inside this branch
-
Create a Pull Request on the official repository (note: a
git push
is needed first, if you are working on a clone) -
Wait for someone to review your Pull Request and accept it
This process has been described and demonstrated during the IVOA Interoperability Meeting of Oct. 2019 in Groningen ; see slides)
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.