Q: Are we talking about using social identity for sign-on, or social logins?
A: (Tim) The way it works is going to be you would login with a single social account – FB or Twitter, for instance – and then you would authenticate with other social accounts.
Q. How do I know what I’m getting back when I let people sign in using Facebook?
A. (Tim) We’ll enable administrative control over the data you’ll be accessing. For instance, you don’t want random data – friends list, photos – coming back.
Q. (guy from HP) The way we deploy applications, we have contracts with Google, Microsoft, etc. Multiple applications. We don’t want to have to authenticate for each and every interaction. (Tim’s going take discussion offline).
Q. How do we offer a way for two or more individuals to access a single account?
A. If you have multiple social IDPs you can do it. It sounds like you need delegated access in this case.
- Marketing Consent: the concept of having consent to send commercial email, feed ads, etc.
- Progressive Profiling. Would this be a valuable capability? Group agreement that this would be a good feature to have.
- Q: Does progressive profiling happen at authentication?
- A: (HP guy) yesYes, that’s how we do it.