HackerTrans
トップ新着トレンドコメント過去質問紹介求人

jonbake

no profile record

コメント

jonbake
·3 年前·議論
I argue that the complexity you are describing is inherent in any solution where multi-level sessions are present-- whether the auth mechanisms is OIDC, SAML, or something bespoke. Beyond social logins, there are use cases where multi-level sessions are required. One example is delegating authentication to another IdP. It's possible to use a OIDC client and configure the IdP to not create a session if multi-level sessions are not required.