Requesting Access to UTLogin
For your web site to authenticate using the UT EID and EID password, you will need to be authorized for and use UTLogin.
In order to complete this process, you will need to provide:
For all requests
- Your EID and contact information.
- The EIDs and contact information of your system's technical contacts.
- The EIDs and contact information of your system's business contacts.
- A descriptive system name of 50 characters or fewer.
- A description of the business purpose of your system.
- A department code of a sponsoring department.
- Information about the particular times of year during which your system will experience high usage, if any.
- The non-secured URL to which you will direct your customers upon logout. (If not www.utexas.edu)
- Information about whether your system will operate in a clustered, load-balanced environment.
As well as...
For Web Policy Agent (WPA) Access
- The group EID of your policy administrator group or, if you don't have one, EIDs of the desired owners and members of the policy administrator group.
- The primary FQDN (fully qualified domain name)
- Additional FQDNs
- URL paths to be excluded from authentication, if any
- Platform (e.g. Apache 2.0, Microsoft IIS 7)
For SAML or API Access
These methods of access are not currently available. We will offer them in a future release.
Use this process to request UTLogin for your web application or server:
Visit the UTLogin Request Application, fill out the required information, and submit.
The UTLogin Stewards will review your application and may request clarification or suggest alternative resources based on your request.
A request will be sent to eligible signers for the sponsoring department (the Department Head, IT Owner contact, and IT Security contact), asking them to digitally sign the Acceptable Use Policy. Eligible signers are based on the information in the OHSC.
The Information Security Office (ISO) will review the form and may request clarification or security remediation based on your request. Be sure that your application is registered in the Application Registry and NetContacts, and that you've successfully completed a credentialed network vulnerability scan by the ISO. To arrange a credentialed network vulnerability scan, please email firstname.lastname@example.org.
Once approved, access will be provisioned by the UTLogin Stewards. You will receive an e-mail containing instructions on where to download the appropriate software as well as how to install and configure the software. Credentials will be sent via the Secure Message System.
- Business contacts: The individuals responsible for making business decisions regarding the service being provided. These contacts do not need to understand the technical implementation of UTLogin, but must understand which of their services are using UTLogin.
- ISO Application Registry: The Application Registry is a required tool for application registration and risk assessment. Maintained by the Information Security Office.
- NetContacts: NetContacts is a tool to inventory all of a department’s devices. Maintained by the Information Security Office.
- Organizational Hierarchy System Contacts (OHSC): The OHS Contacts System is a tool used by departments to identify individuals who are authorized to perform specific roles for the department.
- Sponsoring Department Code: The 4- or 7-character department code from the University Department System for the department that will sponsor this service.
- Technical Contacts: The individuals responsible for the technical implementation of the service that is utilizing UTLogin. They must have an intimate knowledge of the particular platform that the service is using as well as how the service is using authentication data. Technical contacts should be full-time employees and not student workers.
- Policy Administrators: The individual(s) responsible for managing UTLogin WPA authorization policies. Policy administrators should be full-time employees and not student workers. The same individuals may serve as both policy administrators and technical contacts.
- Web Policy Agent (WPA): A web policy agent installed in a web server intercepts requests from users trying to access a protected web resource, and denies access until the user has authorization to access the resource.
- Metadata URL: The location of configuration data that allows UTLogin to identify your system as a service provider (SP).
Last updated January 21, 2014 @ 2:27 pm