IT Services will migrate spaces.ais.ucla.edu content to the Atlassian Confluence Cloud. Spaces will be in read-only mode after June 22nd.
UCTrust Workgroup
Child pages
  • eAcademyUpdate

Versions Compared

Old Version 5

changes.mady.by.user Wu, Albert

Saved on

compared with

New Version 6

changes.mady.by.user Wu, Albert

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 

Option 1 - Shibboleth Attribute Assertion

Option 2 - Back Channel Data Feed

Description

Campus IDP aggregates local MCCA eligibility data and transforms it into eduPersonEntitlement values.

Campus prepares back channel data feed, either via IDM office or Software Licensing office and delivers to eAcademy. eAcademy resolves individual's eligibility using supplied feed and user identifier (most likely ePPN) coming through Shibboleth.

Pro

  • There is no separate data feed out of the campus. One less process to maintain.
  • The technique better aligns with Shibboleth practice and scales better in the long run.

...

  • Back channel feed may be easier to implement for the IDP, especially if the Software License office already tracks individual eligibility in a central database. |

    Con

    • Depending on the IDP's readiness to assert entitlement values, this can trigger substantial work on the IDP side.
    • The technique is another one off data feed. It doesn't scale well longer term.

...