Many large enterprise business customers have their own IdP (Identify Provider) and related SSO (Single Sign-On) based authentication. Some of these enterprises have integrated their IdP with our Data Holder ecosystem, and this is how their staff log in as authorized users on the enterprise’s account. Consequently they do not have user credentials specific to our platform. How should these users be handled when it comes to CDR authentication? They do not have a username or phone number that they can provide to begin the authentication process. Do the CDR data standards allow us to use SSO through the CDR authentication flow?
The Consumer Data Standards do not support SSO to a third-party IdP. Each consent requires re-authentication each time. What you describe is a common issue for SME and large business customers.
Please raise a change request so this issue can be considered.