IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode.
| Wiki Markup |
|---|
h2. Provisioning Access via Shibboleth-delivered Role Data
{flowchart}
fontsize="12";
node [shape=rect];
rank=same;
has_data [label="does shib assert enough role data for sp to provision access?"]
provision [label="sp provisions access using shib-delivered data"];
login [style=rounded, label="User Signs In"];
register [label="triggers workflow to ask admin to assign permission"];
assign_access [label="admin assigns role in permission management system"];
role_update [label="triggers group/role/entitlement data update in Directory"]; updates
arp_update [label="triggers IDP ARP Update"];
done [style=rounded, label="user enters application"];
has_access [shape=diamond , label="does user have access?"];
login -> has_access;
has_access -> has_data [label="no"];
has_access -> done [label="yes"];
has_data -> provision;
provision -> done;
has_data -> register;
register -> assign_access;
assign_access -> role_update;
role_update -> arp_update;
{flowchart} |