HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jonbake

no profile record

comments

jonbake
·3 jaar geleden·discuss
I argue that the complexity you are describing is inherent in any solution where multi-level sessions are present-- whether the auth mechanisms is OIDC, SAML, or something bespoke. Beyond social logins, there are use cases where multi-level sessions are required. One example is delegating authentication to another IdP. It's possible to use a OIDC client and configure the IdP to not create a session if multi-level sessions are not required.