UC Federated User Provisioning Project
The UC Federated User Provisioning Project proposes the creation of a common, robust, cost effective, and standards-compliant identity management data provisioning mechanism across identity and service providers within the UC Trust federation.
UC Trust is an identity federation within the University of California. It provides a common infrastructure for identifying users to multi-campus applications, including information that can be used to make authorization decisions. UC Trust relies on Shibboleth to provides that information at the start of an online session. However, many applications need to incorporate and update contextual information about their users at times other than the initial sign-on event.
This project leverages the policies and agreements already established for UC Trust to develop and deploy a second software infrastructure that supports the exchange of identity information before, and independently of, the establishment of a user session.
This project is a step in realigning resources to improve UC administrative efficiency by sharing IT resources and services.
This project intends to deliver the following:
- A detailed technical design/framework for a UC-wide user provisioning mechanism;
- A reference implementation of the technical provisioning framework;
- A plan and team to assist UC Identity Providers with the adoption and deployment of this infrastructure;
Where possible, this project wishes to evaluate and consider partnerships with similar efforts across higher education within the US and around the world.