Requesting Access to UTLogin
For your web site to authenticate using the UT EID and EID password, you will need to be authorized for and use UTLogin.
In order to complete this process, you will need to provide:
For all requests
- Your EID and contact information.
- The EIDs and contact information of your system's technical contacts.
- A descriptive system name of 50 characters or fewer.
- A description of the business purpose of your system.
- A department code of a sponsoring department.
- Information about the particular times of year during which your system will experience high usage, if any.
- The non-secured URL to which you will direct your customers upon logout. (If not www.utexas.edu)
- Information about whether your system will operate in a clustered, load-balanced environment.
As well as...
For Web Policy Agent (WPA) Access
- EIDs of the desired owners and members of the policy administrator group.
- The primary FQDN (fully qualified domain name)
- Additional FQDNs
- Platform (e.g. Apache 2.0, Microsoft IIS 7)
For SAML or API Access
Review our Cloud Integration Guidelines and ensure that your selected Service Provider is sponsored by an official University of Texas entity.
Please e-mail us at firstname.lastname@example.org with general information about your project and your contact information. We will email you a questionnaire to be filled out. Based on your responses to the questionnaire, we will identify which of our SAML providers is right for you. This step may require several iterations to ensure that all the items you should consider are answered and agreed upon.
When the agreement is met, we will send you a detailed IAM Access Request form and AUP for you to fill out. This gives us the specific information we will need to configure your access to the authentication system. You and your Service Provider will be provided with documentation regarding how to integrate your software with our existing, standards-compliant solution. The IAM Team will be available during this time to assist with troubleshooting the integration.
Use this process to request UTLogin for your web application or server:
Visit the UTLogin Request Application, fill out the required information, and submit.
The UTLogin Stewards will review your application and may request clarification or suggest alternative resources based on your request.
A request will be sent to eligible signers for the sponsoring department (the Department Head, IT Owner contact, and IT Security contact), asking them to digitally sign the Acceptable Use Policy. Eligible signers are based on the information in the OHSC.
The Information Security Office (ISO) will review the form and may request clarification or security remediation based on your request. Be sure that your application is registered in the Application Registry and NetContacts, and that you've successfully completed a credentialed network vulnerability scan by the ISO. To arrange a credentialed network vulnerability scan, please email email@example.com.
Once approved, access will be provisioned by the UTLogin Stewards. You will receive an e-mail containing instructions on where to download the appropriate software as well as how to install and configure the software. Credentials will be sent via the Secure Message System.
- ISO Application Registry: The Application Registry is a required tool for application registration and risk assessment. Maintained by the Information Security Office.
- NetContacts: NetContacts is a tool to inventory all of a department’s devices. Maintained by the Information Security Office.
- Organizational Hierarchy System Contacts (OHSC): The OHS Contacts System is a tool used by departments to identify individuals who are authorized to perform specific roles for the department.
- Sponsoring Department Code: The four or seven-character department code from the University Department System for the department that will sponsor this service.
- Technical Contacts: The individuals responsible for the technical implementation of the service that is utilizing UTLogin. Technical contacts should be full-time employees and not student workers.
- Policy Administrators: The individual(s) responsible for managing UTLogin WPA authorization policies. Policy administrators should be full-time employees and not student workers. The same individuals may serve as both policy administrators and technical contacts.
- Web Policy Agent (WPA): A web policy agent installed in a web server intercepts requests from users trying to access a protected web resource, and denies access until the user has authorization to access the resource.
- Metadata URL: The location of configuration data that allows UTLogin to identify your system as a service provider (SP).
Last updated March 25, 2016 @ 11:03 am