Hello,
I have a few questions about the newly introduced External Authentication Service authentication scheme.
The documentation mentions about OpenID Connect as the method of communication with the external provider, but doesn't include any specifics on what authorization flows should be configured at the external provider, as far as the OIDC protocol is concerned. Is the authorization_code flow that needs to be configured or is it another ? If we're to use another Siteminder instance as OIDC Provider in this authentication scheme, what would be the configuration parameters for an OIDC Client that would be needed on the Siteminder side ?
The office ours session in Feb 2025 mentioned this authentication scheme as being (primarily) created for integrating 3rd party MFA solutions as a 2nd MFA verification step in a MFA authentication scheme - is there a list of MFA/OTP providers that have been tested/certified in this authentication scheme ?