Hi Ricky The team is looking into this now. Seems like there has been a lot of back & forth on the email thread and this context has not been captured in the github issue. Thanks, Sree Tummidi Sr. Pro

Hi All, Starting with *CF Release 220*, we have added OpenID Connect ID Token support in UAA. Currently this feature is *disabled* by default to remain fully backwards compatible. uaa.id_token.disable

Hi, The best approach is to use AD LS which can act as a proxy and consolidate the traffic from multiple AD domains https://msdn.microsoft.com/en-us/library/aa705886(v=vs.85).aspx Thanks, Sree Tummidi

Yep, this is not supported. Our recommendation is to do consolidation on the LDAP side. -Sree

Hi Josh, Rebranding is possible today. This can be done by updating the assets under : https://github.com/cloudfoundry/uaa/blob/master/uaa/src/main/webapp/resources/ As mentioned by Matt below we do h

You would need to set up Open AM as a SAML 2.0 Identity Provider and provide the Identity Provider Metadata in the cf-manifest under login->saml->providers section login.saml.providers: description: "

UAA Provides an Admin Tool UAAC (written in ruby) to manage Users, Clients and Groups. You can find more information here: https://github.com/cloudfoundry/cf-uaac Thanks, Sree Tummidi Sr. Product Mana

Dan is right. Also, you can find more details about the configuration to be done on the SiteMinder side here: http://docs.pivotal.io/pivotalcf/opsguide/images/CASM-PivotalCloudFoundryFederationRunbook

Hi Karthik, You can use the UAA Server which is part of CloudFoundry deployment for your App authorization needs. You can also deploy UAA Server stand-alone. Details can be found here : https://github

Hi All, On behalf of the entire Identity team I am pleased to announce the release of UAA 3.0.0. The UAA bosh release based on this version can be found here <http://bosh.io/releases/github.com/cloudf

Yes, UAAC is fully compatible with this release. -Sree wrote:

Hi Rich, Please see my comments inline 1. When using cf login --sso, prompt no longer points to proper url but defaults to localhost: One Time Code ( Get one at http://localhost:8080/uaa/passcode ) We

Hi Rich, This has been fixed in the CF release v229 & v230 Its broken in CF Release v227 & v228 -Sree

Hi All, Starting cf-release V227, UAA is being consumed as a separate bosh release as opposed to a job. The release notes published earlier was not covering the details of all the spec changes that ha

Hi All, Its 2016 and we have finally decided to make token persistence & revocation a reality in UAA !! Over the past year, I have had multiple conversations with foundation members and customers alik

Hi Kayode, We don't have this feature in UAA today. We may explore this when we add support for social identity providers and perform account linking. What was the use case you were thinking about ? T

Hi All, We plan on deprecating properties in UAA that either have a replacement or are no longer used. The spreadsheet linked here <https://docs.google.com/a/pivotal.io/spreadsheets/d/1C3VlW7BmUZ7b8o3

Hi All, On behalf of the entire Identity team I am pleased to announce the release of UAA 3.1.0 <https://github.com/cloudfoundry/uaa/releases/tag/3.1.0> The UAA bosh release based on this version can

Hi, Can you please share your deployment manifest. There is something strange going on because for some reason UAA requests are being routed to *uaa.cisco.com <http://uaa.cisco.com/> instead of *http:

Hi Dax, This is happening because your SAML has not been set up properly. The email, first name and last name need to be mapped to attributes from the incoming SAML assertion. Please reach out to the