Accepted, Not Yet Planned

It is not secure to share user identity with other applications. So the requested idea will not be implemented in the way it is described. What we're considering instead is implementing some kind of Application identities that can be configured to be granted to use, for example, CoreService API. The custom application will use that App identity to perform requests to CoreService.

The use case is valid and SDL will consider it as part of the future enhancements to security-related features of SDL Tridion, but it will be implemented in some other form.

Allow SAML Authentication to work across (sub) CM web applications

Currently it is not possible to use SAML authentication over a wider scope than just the WebUI web application on the Content Manager (see https://tridion.stackexchange.com/a/19604/54). It would be good if this could be extended to, for example, custom pages running in their own application context under the main SDL Web IIS web application.

  • Make sure that you consider the need to apply Tridion authorisations for actions triggered from custom applications. Many custom pages use the core service to allow users to manipulate CM items. It is thus important that the application user can mimic the actual user context and thus have the same group membership claims. Otherwise this is not much better than turning authentication off and using a system account.