- Performed regression testing of the most recent tag (3.4.6_20191001) of the InCommon Trusted Access Platform (TAPTAP The InCommon Trusted Access Platform (TAP) is an identity and access management suite of software.) Shibboleth Identity Provider (IdPIdP An Identity Provider (IdP) is a software tool or service that offers user authentication as a service. The IdP manages the user's primary authentication credentials and issues assertions derived from those credentials. At UT Austin, the primary IdP used to authenticate the UT EID and EID Password is Enterprise Authentication, which is managed by the IAM Team. For more information, see our Concepts page.) image.
- Updated Enterprise AuthenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page. to use tested tag.
- No user-facing changes.
Enterprise Authentication Changelog
Below is the change log for the Enterprise Authentication service.
News from the Transition to Enterprise Authentication Project – October 2019
Enterprise AuthenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page. is LIVE
The implementation of the new Enterprise Authentication service is complete, and the service is now live in production.
The Identity and Access Management (IAMIAM Identity and Access Management (IAM) is a set of policies, processes, and technologies designed to ensure that the right individuals (identities) have the right access to resources within an organization. IAM involves managing and securing digital identities, controlling access to systems and data, and maintaining the confidentiality, integrity, and availability of information.) team is now undertaking the first phase of a project to migrate over 800 integrations from UTLogin to Enterprise Authentication. Transition managers are working to schedule customer transitions with the goal to have all UTLogin transitions complete by the end of 2020 and retire UTLogin in December 2020. The transition focus will then shift to transitioning UT Shibboleth customers.
Ready to Integrate with Enterprise Authentication?
If you are an existing UTLogin customer and have not been contacted by a transition manager, please reach out to the team by emailing iam-integrations@utlists.utexas.edu .
New IAM authentication customers can find information about the integration process and initiate a new integration by visiting https://iamservices.utexas.edu/integration/.
All customers are welcome to visit the Enterprise Authentication ServiceNow page to find more information including answers to frequently asked questions.
Resources
Want to know more about Enterprise Authentication? Visit the Enterprise Authentication ServiceNow page and/or review some of these commonly asked-about topics:
- KB0017765: UTLogin to Enterprise Authentication Transition Plan
- KB0017642: Transitioning from a UTLogin WPA to Enterprise Authentication
- KB0017671: Metadata Requirements
- KB0017644: Mapping Policy Agent Headers to Enterprise Authentication Attributes
- KB0017849: Shibboleth Service Provider (SP) Metadata Examples
- KB0017850: SimpleSAMLphp Examples
You may also be interested in our other ServiceNow Knowledge Articles.
Connect with the Enterprise Authentication Team
For questions or comments, send an email to entauthn@utlists.utexas.edu.
ITS Campus Solutions is Consolidating to Standards-Based Enterprise Authentication
What is changing and why?
The Identity and Access Management (IAMIAM Identity and Access Management (IAM) is a set of policies, processes, and technologies designed to ensure that the right individuals (identities) have the right access to resources within an organization. IAM involves managing and securing digital identities, controlling access to systems and data, and maintaining the confidentiality, integrity, and availability of information.) team is deprecating the agent-based authenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page. model and adopting standards-based web authentication.
For UT servers and applications using UTLogin, this will involve transitioning to a new Enterprise Authentication service, which provides Security Assertion Markup Language (SAMLSAML Security Assertion Markup Language (SAML) is a standard, XML-based language for exchanging authentication and authorization data between identity providers and service providers. This standard is currently used by Enterprise Authentication (as well as hundreds of service providers that integrate with our identity provider). 2).
The goal of this change is to provide a standards-based authentication method. SAML 2 represents established industry standards, which the majority of software vendors support. Additionally, having fewer authentication methods means a better single sign-on experience and faster integrations.
The IAM team will begin contacting UTLogin customers to develop transition plans in June 2019.
How will this affect me?
For most people who use protected websites and applications, the transition to Enterprise Authentication will not require any attention or action. There may be small changes to the look and feel of the login screens; but, overall, the login process will be the same. Some end users may be asked to authenticate multiple times as our authentication customers migrate to the new service.
This change primarily impacts individuals who manage servers and web applications that use UTLogin. In order to focus on the transition to Enterprise Authentication, the IAM Team will no longer provision new Web Policy Agents (WPAs). Support for existing WPA and SAML customers will not be affected.
The IAM team has been working to develop processes to support transitioning customers to Enterprise Authentication. This includes documentation, training, and outreach. These efforts will continue and become more detailed over the coming months.
Questions?
Review our project page: Transition to Enterprise Authentication Project
Please send questions to: entauthn@utlists.utexas.edu
