Enterprise Authentication Changelog

• Update internal OIDCOIDC OpenID Connect 1.0 (OIDC) is an authentication layer built on OAuth 2.0 where the identity provider that runs the authorization server also holds the protected resource that the third-party application aims to access.
  Edit Entry and SAMLSAML Security Assertion Markup Language (SAML) is a standard, XML-based language for exchanging authentication and authorization data between identity providers and service providers. This standard is currently used by Enterprise Authentication (as well as hundreds of service providers that integrate with our identity provider).
  Edit Entry components to improve security.
• Improve session management to reduce re-authenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page.
  Edit Entry frequency.

• Update internal OIDCOIDC OpenID Connect 1.0 (OIDC) is an authentication layer built on OAuth 2.0 where the identity provider that runs the authorization server also holds the protected resource that the third-party application aims to access.
  Edit Entry components to improve security.

• Perform regression testing of the most recent tag (4.3.1_20231128_rocky8_multiarch) of the InCommon Trusted Access Platform (TAPTAP The InCommon Trusted Access Platform (TAP) is an identity and access management suite of software.
  Edit Entry) Shibboleth Identity Provider (IdPIdP An Identity Provider (IdP) is a software tool or service that offers user authentication as a service. The IdP manages the user’s primary authentication credentials and issues assertions derived from those credentials.

  At UT Austin, the primary IdP used to authenticate the UT EID and EID Password is Enterprise Authentication, which is managed by the IAM Team.

  For more information, see our Concepts page.
  Edit Entry) image.

• Update Enterprise AuthenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page.
  Edit Entry to use tested tag.
• Update OIDCOIDC OpenID Connect 1.0 (OIDC) is an authentication layer built on OAuth 2.0 where the identity provider that runs the authorization server also holds the protected resource that the third-party application aims to access.
  Edit Entry OPOP An OpenID Provider (OP) is an entity that has implemented the OpenID Connect and OAuth 2.0 protocols, OP’s can sometimes be referred to by the role it plays, such as: a security token service, an identity provider (IDP), or an authorization server.
  Edit Entry plugin to latest version (3.4.0).
• Update OIDC Common plugin to latest version (2.2.1).
• Update Duo OIDC plugin to latest version (1.4.1).
• Add OIDC Config plugin at latest version (1.0.1).
• Add configurations to support OIDC integrations.
• Retired unused integration configurations.

• Perform regression testing of the most recent tag (4.3.1_20230330_rocky8_multiarch) of the InCommon Trusted Access Platform (TAPTAP The InCommon Trusted Access Platform (TAP) is an identity and access management suite of software.
  Edit Entry) Shibboleth Identity Provider (IdPIdP An Identity Provider (IdP) is a software tool or service that offers user authentication as a service. The IdP manages the user’s primary authentication credentials and issues assertions derived from those credentials.

  At UT Austin, the primary IdP used to authenticate the UT EID and EID Password is Enterprise Authentication, which is managed by the IAM Team.

  For more information, see our Concepts page.
  Edit Entry) image.

• Update Enterprise AuthenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page.
  Edit Entry to use tested tag.
• Update OIDCOIDC OpenID Connect 1.0 (OIDC) is an authentication layer built on OAuth 2.0 where the identity provider that runs the authorization server also holds the protected resource that the third-party application aims to access.
  Edit Entry OPOP An OpenID Provider (OP) is an entity that has implemented the OpenID Connect and OAuth 2.0 protocols, OP’s can sometimes be referred to by the role it plays, such as: a security token service, an identity provider (IDP), or an authorization server.
  Edit Entry plugin to latest version (3.3.0).
• Update OIDC Common plugin to latest version (2.1.0).
• Update Duo OIDC plugin to latest version (1.3.0).

• Perform regression testing of the most recent tag (4.2.1_20220815_rocky8) of the InCommon Trusted Access Platform (TAPTAP The InCommon Trusted Access Platform (TAP) is an identity and access management suite of software.
  Edit Entry) Shibboleth Identity Provider (IdPIdP An Identity Provider (IdP) is a software tool or service that offers user authentication as a service. The IdP manages the user’s primary authentication credentials and issues assertions derived from those credentials.

  At UT Austin, the primary IdP used to authenticate the UT EID and EID Password is Enterprise Authentication, which is managed by the IAM Team.

  For more information, see our Concepts page.
  Edit Entry) image.

• Update Enterprise AuthenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page.
  Edit Entry to use tested tag.
• Enable Open ID Connect plugin functionality.
• Implement new Duo Universal Prompt plugin.

Known Issues

• Visual bug with FERPAFERPA The Family Educational Rights and Privacy Act of 1974 (FERPA) is a federal law which pertains to the release of and access to educational records.
  Edit Entry banner post-authentication flow. Functionality is not impacted.