Scope
One goal of the IAM Strategic Roadmap is to deploy a consolidated authentication service that adopts standards-based web single sign-on and is cloud resilient. The University benefits from having a consolidated standardized authentication service to reduce support and integration overhead. Currently, there are several authentication services which cause disparate user experiences and mixed support needs. Lastly, the main authentication service, UTLogin, is at end of life requiring replacement.
The IAM team will transition all authentication customers to Enterprise Authentication. To prepare for this transition, a new instance of the Shibboleth Identity Provider (IdP) software will be established in order to provide the latest benefits of the software to the university. Austin Active Directory will serve as the directory backend. The transition will first focus on UTLogin v1 customers and, later, UT Shibboleth customers. At the conclusion of the transition, the UTLogin and UT Shibboleth services will be retired.
Goals
The primary success criteria for Enterprise Authentication will be:
-
Goal 1: Deploy UTLogin v2 – Ensure customers who have complex UTLogin v1 deployments have a fully vendor-supported environment.
-
Goal 2: Establish the Enterprise Authentication Service – Ensure the new instance of the Shibboleth Identity Provider (IdP) is architected and deployed to meet customer and disaster recovery requirements with Active Directory as the directory backend.
-
Goal 3: Transition customers to Enterprise Authentication – Complete the transition of all authentication customers to Enterprise Authentication.
Timeline
The Enterprise Authentication was made available in September 2019. Transition of UTLogin customers to Enterprise Authentication began in September 2019 and is expected to last until Fall 2020. Please check the Transition section for more details and information as they become available.