Notes from the AAI Taskfoce Meeting at the virtual Center Meeting

Time: 10.6.2021 14-15:45 CEST Present (from memory): Martin Matthiesen, Dieter van Uytvanck, Willem Elbers, André Moireira, Jozef Mišutka, ?

= Topics =
== AAI Proxy ==
[[BR]]Willem presented the idea to introduce an AAI proxy similar to Elixir.

Benefits:

 * Once accepted by a Federation CLARIN can give SPs more assurances that connect will work and even provide missing IdP attributes.
 * OIDC/OAuth2 -bridging is possible
 * Much easier administration than present SPF, especially on CLARIN ERIC side

Issues:

 * Self-reported attributes (e.g. mail) must be visible as such to SPs
 * SPs using targetedID, or any other approach using (IDP,SP) specific information, cannot identify returning users (some workaround for this will be needed)
   * Jozef: At the moment, I would highlight this as a show stopper to Clarin IdP  revolution (mandatory moving to hub&spoke for all SPs) but not a  showstopper to potential Clarin IdP evolution (mandatory for new SPs).[[BR]]And it is not only about targetedID but can be also for idp+eppn and probably other combinations.
 * Single point of failure
 * Proxies proxying to proxies might confuse users.

The idea was received positively, if the issues mentioned can be addressed/mitigated.

== Lindat's Attribute Aggregator ==
The "AAGREG" was introduced a few years ago, uptake is low. It is seen as a useful tool and we agreed to promote uptake in the next SCCTC.

== SP-specific discovery services ==
There is a need for SP-specific discovery service feeds, CLARIN is aware of the issue and more information is to follow.

== API Security ==
A brief overview of API tokens and their usage was presented.