Problem Definition

LIRs would like a mechanism to easily add/remove users to centralised SSO authentication groups for maintaining objects in the RIPE Database. 

(Draft) Solution Definition

-Technical Users listed in an LIR´s portal account, who have an SSO authentication account, can be added to and removed from user defined SSO authentication groups.

-Each User can be a member of any number of named groups. (should there be a limit on number of groups?)

-The authentication groups can be configured using the portal UI.

-These groups can be referenced in MNTNER objects by a new authentication method ´SSO-LIR´.

To me this looks like what was suggested, if technical users are currently referring to admin and regular, but not billing. Regarding the limit on the number of groups, I personally don't have any real opinion on it, I can see good and bad things about having a limit on that.

Kind regards,
Cynthia Revström