Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-17414

Unclear term in the Securing Installations guide: XUI authentication IDs

    XMLWordPrintable

Details

    • Rank:
      1|i03lnb:
    • No
    • No
    • No
    • 0
    • No
    • None

    Description

      In 5.4. Securing Communications under the AM 6.5 Installation Guide, bullet point #6 mentions the following:

      Use your own key, not the test key provided with AM, to sign:

      • SAML 2.0 authentication requests, authentication responses, and single logout requests
      • XUI authentication IDs

      I haven't seen the term before, and can't find any other reference to it. It can lead customers to believe that it's an independent component that needs to be disabled or modified. I believe this term means to address tokens in general (OAuth2, OIDC, Agents, Stateless sessions, etc), and should be replaced accordingly or removed.

      Attachments

        Activity

          People

            chris.lee Chris Lee [X] (Inactive)
            sergio.bettiol Sergio Bettiol [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: