Identity Management

Availability: UCOP and Systemwide

Service Description
ITS provides identity management services to enable identity lifecycle management (identity validation, user account creation and provisioning, and user profile information storage / dissemination) for UCOP business system and supporting system owners. The service includes business-facing self-registration/self-service (planned) and supporting identity creation / maintenance, account provisioning, account attribute lookup, and time and materials based development / integration assistance.

Shibboleth. Shibboleth is among the world’s most widely deployed federated identity solutions, connecting users to applications both within and between organizations. Shibboleth can be used to provide access to UCOP, UC system or vendor applications using local authentication such as Active Directory. ITS assists with provisioning Shibboleth for applications, ensuring software is up-to-date and supporting operational Shibboleth-based authentication systems.

Single Sign-on / InCommon Participant Operational Practices. The University of California Office of the President operates multiple service providers within InCommon, as well as the identity provider service for its local community. The following links provide those services' InCommon Participant Operational Practices statements.

UCOP Identity Provider Service [pdf] 

At Your Service Online (AYSO) [pdf]

Effort Reporting Service (for UCSD) [pdf]

How to Request Support
Use the IT Staff Services section of the Service Hub to request support, or call (510) 987-0457.

Availability of Service
24/7, except during planned outages

All UCOP business system and supporting system owners

The cost of the service is covered by the recurring departmental IT utilities fee. Development / implementation assistance and support for custom integrations is available on a time and materials basis.