IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
Wiki Markup |
---|
h2. Provisioning Access via Shibboleth-delivered Role Data {flowchart} fontsize="12"; rank=same; node [shape=rect]; login [style=rounded, label="User Signs In"]; has_access [shape=diamond , label="does user have access?"]; has_data [shape=diamond, label="does shib assert enough role data for can sp to provision access?"]; provision [label="sp provisions access using shib-delivered data"]; register [label="triggers workflow to ask admin to assign permission"]; assign_access [label="admin assigns role in permission management system"]; role_update [label="triggers group/role/entitlement data update in Directory"]; arp_update [label="triggers IDP ARP Update"]; done [style=rounded, label="user enters application"]; note1 [style=note, label="provision using role data supplied in Shib response"]; login -> has_access; has_access -> done [label="yes"]; has_access -> has_data [label="no"]; has_data -> provision; provision -> done; has_data -> register; register -> assign_access; assign_access -> role_update; role_update -> arp_update; note1 -> has_data [arrowhead=none]; {flowchart} |