Idea Details

Implement OpenId signature in CA SSO with HS256/HS512 algorithms

Last activity 04-15-2019 12:09 PM
masfr02's profile image
09-20-2017 12:50 PM

The latest version of CA SSO 12.7 has added OpenId client and Authorization providers, which allows to enlarge the federation spectrum to new protocols and new service providers.
This feature allows to manage also the simpler JWT federation and integration.
Unfortunately for (CA SSO) the most common algorithm used for JWT tokens are HS256 and HS512, but this algorithms are not yet available in the current configuration.
I don't think it is a big effort to add this feature, it will allow to use the standard features of the product to manage these federation protocols without using Opensource libraries and custom code.


Comments

05-14-2018 04:11 PM

This is a good idea which will enhance SSO capability.

10-26-2017 02:04 PM

We have been running into the need for stronger hashes, signatures and encryption in different solutions. There is definitely a need for this, especially with continued regulations and industry recommendations.