Authentication for Web Based Services – Setup Request
This procedure is for UF departments to request the establishment of a Service Provider that can use a Shibboleth-based UF GatorLink Authentication service via login.ufl.edu. UF GatorLink Authentication allows for Web-based and non Web-based applications to accept GatorLink credentials.
The following procedure is required for adding, removing, or updating an attribute release policy in the UF Authentication system.
Questions should be directed to the Identity Services Team.
Steps in the Request Process
For New SPs or significant changes to existing SPs please make sure you have an up to date risk assessment of your application. Please go to the Risk Assessment page to begin. The Risk Assessment number will need to be on the Request Form you submit.
- Download and Complete the appropriate Request Form.
- UF Service Provider: FormUFSvcProviderGatorLinkAuthenticationRequest-2.0
- NON-UF Service Provider: FormNonUFSvcProviderGatorLinkAuthenticationRequest-2-0
- The requestor should ensure departmental awareness of the request.
- Submit the UF Service Provider Request by ticket to the Identity Services Team. Tickets should be created by the ISM or the Technical Contact for the SP being requested. Create Ticket
- Identity Services will review the request and work with the requesting department and campus-at-large and will make any needed changes or adjustments to the request.
- The request is accepted or denied.
- The request is implemented as approved. Technical staff will communicate and establish the new service.
Note: Most areas need to consider how testing will be done and if they need a test service included. This is a preferred and recommended practice. In some large enterprise areas multiple test and development areas might need to be established for the service provider (SP) to deploy applications. The SP should be requested/configured with multiple entityID identifiers for application testing environment as needed.
UFIT metadata submission URL is: https://admin.ict.it.ufl.edu/shibboleth/upload-metadata.cgi
IdP metadata for Production IdP: https://login.ufl.edu/login.ufl.edu.xml
The Information required for a “Service Provider Gatorlink Authentication Setup Request” is described below. Complete and accurate information is required to process a request. The reviewers will consult with appropriate data principles based on the Attribute Release Policies indicated on the request.
|College/Division||Provide the college/division name where requesting service will be operated.|
|Department ID||Provide the PeopleSoft UF Department Identifier where the requesting service will be operated. this is an 8-Character value e.g., 69010000.|
|Department Name||Provide the department name where the requesting service will be operated.|
|UF Department Workgroup||The work group (sub-department) allowing for easy communication with department staff.|
|Description of the Application for this Service Provider (SP)||Narrative that explains the function, users, and data involved and other pertinent facts regarding the application to be accessed via this request. This will allow the request to be evaluated and approved (the administrator should be able to understand what, who, when, how of the application at a high level from this description.)|
|UFID of Administrative Party Responsible||Provide the UFID of the DDD/administrator responsible for the requesting UF area.|
|Name of Administrative Party Responsible||This is the Name of DDD/administrator responsible for the requesting UF area.|
|Campus Address (PO Box)||The UF mailing address for the requesting department, usually a UF PO box.|
|Address (Physical)||The physical location of the servers running the service.|
|Email address||Provide the email address for the responsible party.|
|UFID of ISA||Provide the UFID of the ISA responsible for the requesting UF unit.|
|Name of ISA(Institutional Security Administrator)||Provide the name of the ISA responsible for the requesting UF unit.|
|UFID of ISM||Provide the UFID of the ISM responsible for the requesting UF unit.|
|Name of ISM(Institutional Security Manager)||Provide the Name of the ISM responsible for the requesting UF unit.|
|UFID of Tech Contact||Provide the UFID of the technical contact for this service.|
|Name of Tech Contact||Provide the name of the technical contact for this service.|
|Attribute Release Policy(ies)(ARP) requested||Provide a list of the ARP the service provider is requesting. this will be one or more of the available ARPs at the time of the request.|
|Additional Comments||Additional info the requester would like to share with the reviewers evaluating this request.
Please place the Risk Assessment Number here.