technical-framework icon indicating copy to clipboard operation
technical-framework copied to clipboard
verified publisher icon swedenconnect

Add new DSS error code for failed user authentication

Open martin-lindstrom opened this issue 3 years ago • 1 comments

The extensions to the DSS error codes lists a number of suitable error codes for the DSS extension functionality, but it seems that an error code for "user authentication failed" is lacking.

martin-lindstrom avatar Apr 25 '22 16:04 martin-lindstrom

Also, there doesn't seem to be a suitable DSS ResultMinor code corresponding to http://id.elegnamnden.se/status/1.0/possibleFraud, hence the fact that the identity provider detected a possible fraud is lost in translation between the SAMLResponse and the SignResponse.

http://id.elegnamnden.se/sig-status/1.0/user-cancel currently seems like the best fit, but that assumes that the identity provider presented a Cancel button for the user to click on, rather than just returning the user immediately, which may not always be the case.

A URI of http://id.elegnamnden.se/sig-status/1.0/possible-fraud or similar would therefore be useful.

magnussuther avatar Mar 02 '23 19:03 magnussuther