jackson
Privacy preserving login
Is your proposal related to a problem?
In heavily regulated industries, transfer or identification of employee information (even email) outside the boundary of the company leads to a heavy compliance burden. If we provide a way to strip all info except the id, then this opens up some interesting opportunities.
Describe the solution you'd like
- Document mapping of only the ID skipping everything else
- For any other info that might come via the SAML response we include a flag to strip that out
- Hash the id so it cannot be mapped back in any form; this also caters to the case where some providers send email as the id
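
One way to implement the ID-only, hashed mapping requested above, as an added example that is not Jackson's code: the profile field names, the `tenant` parameter and the key handling are assumptions. It goes one step beyond the proposal by using a keyed HMAC instead of a bare hash, because an unkeyed hash of an email can be confirmed by hashing a guessed address.

```javascript
// Added example (not Jackson's code). Profile field names are assumptions.
const crypto = require('node:crypto');

// Demo key only: in a deployment this comes from a secret store and never
// leaves the company boundary.
const DEMO_KEY = crypto.randomBytes(32);

// Constructed sample of attributes parsed from a SAML response.
const sampleProfile = {
  id: 'alice@example.com', // some providers send the email as the id
  email: 'alice@example.com',
  firstName: 'Alice',
  lastName: 'Doe',
  raw: { department: 'Trading', employeeNumber: '004217' },
};

// Unkeyed hash, shown for contrast: anyone holding a candidate email can
// recompute it, so it does not stop the id being mapped back.
function unkeyedHash(id) {
  return crypto.createHash('sha256').update(id).digest('hex');
}

// Keyed hash scoped to a tenant: without the key the value cannot be
// recomputed from a guessed id, and the same user differs across tenants.
function pseudonymousId(id, tenant, key) {
  if (typeof id !== 'string' || id.length === 0) throw new Error('missing id');
  if (typeof tenant !== 'string' || tenant.length === 0) throw new Error('missing tenant');
  if (!Buffer.isBuffer(key) || key.length < 32) throw new Error('key must be >= 32 bytes');
  return crypto
    .createHmac('sha256', key)
    .update(JSON.stringify([tenant, id])) // unambiguous encoding of both fields
    .digest('hex');
}

// Allow-list mapping: build a new object with only the hashed id, so any
// attribute the provider adds later is dropped by default.
function toPrivateProfile(profile, tenant, key) {
  return { id: pseudonymousId(profile.id, tenant, key) };
}

console.log(toPrivateProfile(sampleProfile, 'tenant-a', DEMO_KEY));
```

Whoever holds the key can still recompute the value for a known id, so the key has to stay inside the company boundary for the mapping to remain one-way to outside parties.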