Identity Management

Availability: UCOP and Systemwide

Service Description
ITS provides identity management services to enable identity lifecycle management (identity validation, user account creation and provisioning, and user profile information storage / dissemination) for UCOP business system and supporting system owners. The service includes business-facing self-registration/self-service (planned) and supporting identity creation / maintenance, account provisioning, account attribute lookup, and time and materials based development / integration assistance.

Shibboleth. Shibboleth is among the world’s most widely deployed federated identity solutions, connecting users to applications both within and between organizations. Shibboleth can be used to provide access to UCOP, UC system or vendor applications using local authentication such as Active Directory. ITS assists with provisioning Shibboleth for applications, ensuring software is up-to-date and supporting operational Shibboleth-based authentication systems.

Single Sign-on / InCommon Participant Operational Practices. The University of California Office of the President operates multiple service providers within InCommon, as well as the identity provider service for its local community.

All UCOP business system and supporting system owners

The cost of the service is covered by central IT funding. Development / implementation assistance and support for custom integrations is available on a time and materials basis.