SSIG Breakout Session: 2025-02-05

.SIG Breakout Session: 2025-02-05 - Date: Wed 05 February 2025 - Time: 12:00 - 13:00 UTC in 1 hour ## Agenda Agenda Items to discuss ## Attendees - Francis Pouatcha - Ingrid Kamga - Thomas Darimont - Rodrick Awambeng - Stefan Wiedemann ## Notes Notes by Topic ### General ### OID4VCI (10 minutes) Main Ticket: https://github.com/keycloak/keycloak/issues/32961 - Clarification Needed: https://github.com/keycloak/keycloak/issues/32958 - Pascal will review this and release it for closing. - Close: https://github.com/keycloak/keycloak/issues/32959 - Must have been fixed: https://github.com/keycloak/keycloak/issues/32967 - Will be check by thoms and released for closing if necessary or for impl. Sample Deployments: - https://github.com/adorsys/keycloak-ssi-deployment ### OAuth First Party Application (5 minutes) - FIPA: https://github.com/keycloak/keycloak/discussions/25014 - API Based Auth: https://github.com/keycloak/keycloak/discussions/36924 ### DPoP (5 minutes) Main ticket: https://github.com/keycloak/keycloak/issues/22311 Need urgent consideration: - https://github.com/keycloak/keycloak/issues/36475 - https://github.com/keycloak/keycloak/issues/36476 ### [SSF](https://sharedsignals.guide/) (10 minutes) Presentation of Thomas - Test: https://scim.dev/ - POC: https://github.com/thomasdarimont/keycloak/tree/poc/shared-signals #### [SPIFFE](https://spiffe.io/) (15 minutes) Presentation of Dmitry - Will be discussed in the general session next week. #### Key selection on Identity Providers (5 minutes) - https://github.com/keycloak/keycloak/discussions/35039 - We might need a sub abstraction of Identity Providers (or trusted parties) inside a single Realm - Consider the trusted party abstraction - Thomas: Look at the org.keycloak.broker.provider.AbstractIdentityProvider class. Could be the right location for managing of provider specific keys. We could provide an optional like "Use custom private Key: on/off" with an input field for a custom private key in the IdentityProviderConfiguration - Thomas: Alterantive: Refactor SAML Identity Provider and add a protected method to determine the key to use, to allow custom SAMLIdentityProviders to use different keys. ### Other Topics #### Keyconf25 - Presentation of Nathalia's proposal. - Vinod: propose other sponsoring formats. Like small independent consultants for 1000 Euros. ## Recording https://us06web.zoom.us/rec/share/8sVAa64xmrhcQ3HPLDY3k6kkrkmVZFvu2kKEYywawnpCRNNSwyapefkigOrIoZV3.F2UjmqHtn_N20N2s ## Next General Session - Pushed to Feb 12th for Takashi to be present