Authentication AUP FAQs

To use UT EIDUT EID The University of Texas Electronic Identity (UT EID or EID) is the public records identifier for principals at the university. See our Concepts page for more information.-based authenticationAuthentication Authentication is the act of determining that a person is who they claim to be. For more information, see our Concepts page. for your application or software, your College, School, or Unit (CSUCSU College, School, or Unit) must adhere to the following requirements:

1. Authentication Acceptable Use Policy (AUPAUP An Acceptable Use Policy (AUP) is a document that outlines a set of rules to be followed by users or customers of a set of computing resources. An AUP clearly states what the user is and is not allowed to do with these resources.): Your CSU must agree to the Authentication Acceptable Use Policy. This is similar to how employees must agree to the University’s Acceptable Use Policy when accessing university resources.
2. Annual Re-Acknowledgement: Just like the University’s Acceptable Use Policy, your CSU is required to re-acknowledge the Authentication AUP annually. This ensures continued compliance and alignment with university policies.

These steps help maintain security and standardize access management across applications using UT EID authentication.

The Identity and Access Management (IAMIAM Identity and Access Management (IAM) is a set of policies, processes, and technologies designed to ensure that the right individuals (identities) have the right access to resources within an organization. IAM involves managing and securing digital identities, controlling access to systems and data, and maintaining the confidentiality, integrity, and availability of information.) Team supports over 289 unique applications across campus. To streamline Authentication Acceptable Use Policy (AUP) renewals, the team has automated the process using Splunk, which sends emails from splunk@security.utexas.edu.

How the Process Works:

• Renewal Link: The email will include a customized URLURL A Uniform Resource Locator (URL) is a reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it. A typical URL could have the form http://www.example.com/index.html, which indicates a protocol (http), a host name (www.example.com), and a file name (index.html). Also sometimes referred to as a web address. directing you to the Authentication AUP renewal page at https://iamservices.utexas.edu/auprenewal/. This link will redirect to a Qualtrics form at https://utexas.qualtrics.com/jfe/form/SV_1FgEvtqbA3wu11A. This behavior is both correct and expected.

Questions About Authenticity:

• If you have concerns about the authenticity of a renewal request, you can:
  • Email the IAM team at iam-integrations@utlists.utexas.edu.
  • For more significant concerns, contact the Information Security Office at security@utexas.edu.

This automated process ensures timely and consistent compliance with university policies.

When starting the integration request process, employees are required to:

1. Identify an Authorized Signer: Specify an individual in their College, School, or Unit (CSU) who is authorized to sign the Authentication Acceptable Use Policy (AUP) on behalf of the CSU.
2. Provide an Administrative Mailing List: Share an administrative mailing list where the IAM team can contact responsible parties. This ensures continuity in case the designated AUP signer has changed roles or is no longer at the university.

Why You Received This Email:

You may have received an email related to this process for one of the following reasons:

• You are a member of the administrative mailing list provided during the integration request.
• You have previously signed the Authentication AUP for the application.
• You have been identified as the new Authentication AUP signer, replacing the previous individual.

This process ensures that all responsible parties are informed and that there are no gaps in compliance with the Authentication AUP requirements. If you have questions, you can contact the IAM team at iam-integrations@utlists.utexas.edu.

1. If You Are the Addressee:
   • If your name is in the email and your email address is in the “To:” field, you are the designated Authentication Acceptable Use Policy (AUP) Signer.
   • Follow the instructions in the email to sign the Authentication AUP.
2. If You Are Not the Addressee:
   • Your responsibility is to ensure that the designated AUP Signer (the person addressed in the email) is aware of the request.
   • If the designated AUP Signer is no longer valid (e.g., they have changed roles or left the university), take the following steps:
     • Forward the email to iam-integrations@utlists.utexas.edu.
     • Provide the name and UT EID of the new AUP Signer.
     • Ensure the new AUP Signer meets the criteria outlined in the “Who can sign the AUP?” guidelines.

This process ensures that the correct individual is identified and that the Authentication AUP is signed in a timely manner. If you have further questions, contact the IAM team at iam-integrations@utlists.utexas.edu.

If the designated Authentication Acceptable Use Policy (AUP) Signer is no longer valid (e.g., they have changed roles or left the university), please forward the email to iam-integrations@utlists.utexas.edu and provide the following information:

1. The name of the new AUP Signer.
2. Their UT EID.
3. Confirmation that the new AUP Signer meets the criteria outlined in the “Who can sign the AUP?” guidelines.

Why Annual Renewals Are Important:

One of the key benefits of requiring annual AUP renewals is to ensure that contact information remains accurate and up-to-date. This helps maintain seamless communication and ensures that the appropriate individuals are identified as responsible parties.

For additional assistance or questions, reach out to the IAM team at iam-integrations@utlists.utexas.edu.

The AUP must be signed by an individual who is authorized to represent the administrative or business owner College, School, or Unit (CSU). This individual is typically in a leadership or management role. Examples of eligible AUP signers include:

• Vice Presidents, Associate Vice Presidents, and Assistant Vice Presidents
• Vice Provosts
• Executive Directors, Directors, Assistant Directors, and Deputy Directors
• Senior IT Managers and Senior Project Managers
• Department Heads or Department Managers (often, but not always)

Eligibility Requirements:

1. Current Staff: The signer must be a current staff member at The University of Texas at Austin.
2. Faculty with Administrative Roles: Current faculty members may also sign if their administrative role designates them as current staff.

If you have questions about whether an individual meets these criteria, contact the IAM team at iam-integrations@utlists.utexas.edu.

The current system is designed to assign one AUP Signer per application. This approach ensures:

• Clear Accountability: A single, designated individual is responsible for signing the Authentication Acceptable Use Policy (AUP).
• Avoidance of Responsibility Diffusion: Prevents confusion over who is accountable for compliance.

Temporary Replacements:

In extenuating circumstances, if the designated AUP Signer is unavailable, a temporary replacement can be authorized, provided they meet the eligibility criteria outlined in the “Who can sign the AUP?” section.

Steps to Request a Temporary Replacement:

1. Forward the Email: Send the email to iam-integrations@utlists.utexas.edu.
2. Explain the Circumstances: Provide a brief explanation of why the designated AUP Signer is unavailable.
3. Provide Replacement Details: Include the name and UT EID of the proposed temporary replacement.

This process ensures continuity while maintaining compliance and accountability. For further assistance, contact the IAM team at iam-integrations@utlists.utexas.edu.

If you are unsure who your department head or manager is, you can use the Department System to find this information. This tool provides up-to-date details about departmental leadership and management roles.

Please email us at iam-integrations@utlists.utexas.edu and we’ll be happy to assist.

Be sure to include the Department Code and Department Name from the Department System .

1. Manual Verification: After you sign the Authentication Acceptable Use Policy (AUP), a member of the Identity and Access Management (IAM) Team manually verifies your signature.
   • They ensure that the signature is from an appropriate individual, as outlined in the “Who can sign the AUP?” section.
2. Record Updates: Once verified, the IAM Team updates your record in the system to include:
   • The name of the signer.
   • The date the AUP was signed.
3. Expiration Tracking and Renewal Reminders:
   • The system uses this information to track when the AUP will expire.
   • Reminder emails are automatically sent to you when it is time to renew your AUP.

This process ensures accountability and helps maintain compliance with university policies. For questions or further assistance, contact the IAM team at iam-integrations@utlists.utexas.edu.