You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like to propose two new features for Vouch Proxy that could enhance user security and session management.
1. User Notification: It would be beneficial to notify users about their authentication events through a messaging service, such as signal-cli-rest-api. This would require the user's phone number to be included in the claim. By doing so, users can be alerted if an authentication attempt is made that they did not initiate, allowing them to take immediate action.
2. Logout Endpoint: Another idea is to implement a logout endpoint. The user would receive a notification via a messaging service that includes a URL with the logout endpoint and a token related to the new session. By clicking on the URL, the user can terminate the session with Vouch Proxy. However, this feature might not be very effective unless the session is also terminated at the OAuth provider/IDP/OIDC provider level. Therefore, I'm not entirely convinced about its practicality.
I would appreciate your thoughts on these ideas, especially regarding the feasibility and potential security benefits.
Thx.
The text was updated successfully, but these errors were encountered:
I would like to propose two new features for Vouch Proxy that could enhance user security and session management.
1. User Notification: It would be beneficial to notify users about their authentication events through a messaging service, such as signal-cli-rest-api. This would require the user's phone number to be included in the claim. By doing so, users can be alerted if an authentication attempt is made that they did not initiate, allowing them to take immediate action.
2. Logout Endpoint: Another idea is to implement a logout endpoint. The user would receive a notification via a messaging service that includes a URL with the logout endpoint and a token related to the new session. By clicking on the URL, the user can terminate the session with Vouch Proxy. However, this feature might not be very effective unless the session is also terminated at the OAuth provider/IDP/OIDC provider level. Therefore, I'm not entirely convinced about its practicality.
I would appreciate your thoughts on these ideas, especially regarding the feasibility and potential security benefits.
Thx.
The text was updated successfully, but these errors were encountered: