UTLogin: Requesting Access to UTLogin
The Identity and Access Management (IAM) team is transitioning UTLogin customers to Enterprise Authentication. More information on this transition can be found on the Transition to Enterprise Authentication Project page. New customers should consult our Integration site. This transition does not affect the ongoing support of current UTLogin WPA and/or SAML2 customers.
For your web site to authenticate using the UT EID and EID password, you will need to be authorized for and use UTLogin.
In order to complete this process, you will need to provide:
For all requests
- Your EID and contact information.
- The EIDs and contact information of your system's technical contacts.
- A descriptive system name of 50 characters or fewer.
- A description of the business purpose of your system.
- A department code of a sponsoring department.
- Information about the particular times of year during which your system will experience high usage, if any.
- The non-secured URL to which you will direct your customers upon logout. (If not www.utexas.edu)
- Information about whether your system will operate in a clustered, load-balanced environment.
As well as...
For SAML Access
Review our Cloud Integration Guidelines and ensure that your selected Service Provider is sponsored by an official University of Texas entity.
Please e-mail us at firstname.lastname@example.org with general information about your project and your contact information. We will email you a questionnaire to be filled out. Based on your responses to the questionnaire, we will identify which of our SAML providers is right for you. This step may require several iterations to ensure that all the items you should consider are answered and agreed upon.
When the agreement is met, we will send you a detailed IAM Access Request form and AUP for you to fill out. This gives us the specific information we will need to configure your access to the authentication system. You and your Service Provider will be provided with documentation regarding how to integrate your software with our existing, standards-compliant solution. The IAM Team will be available during this time to assist with troubleshooting the integration.
Use this process to request UTLogin integration for your web application or server:
Visit the UTLogin Request Application, fill out the required information, and submit.
The UTLogin Stewards will review your application and may request clarification or suggest alternative resources based on your request.
A request will be sent to eligible signers for the sponsoring department (the Department Head, IT Owner contact, and IT Security contact), asking them to digitally sign the Acceptable Use Policy. Eligible signers are based on the information in the OHSC.
The Information Security Office (ISO) will review the form and may request clarification or security remediation based on your request. Be sure that your application has been hardened in accordance with the ISO's Minimum Security Standards for Systems (particularly section 4.5), has been registered in the Application Registry and IoTron, and that you have successfully completed a credentialed network vulnerability scan by the ISO. To arrange a credentialed network vulnerability scan, please email email@example.com.
Once approved, access will be provisioned by an Integration Engineer. You will receive an e-mail containing instructions on where to download the appropriate software as well as how to install and configure the software. Credentials will be sent via Stache.
- ISO Application Registry: The Application Registry is a required tool for application registration and risk assessment. Maintained by the Information Security Office.
- NetContacts: NetContacts is a tool to inventory all of a department’s devices. Maintained by the Information Security Office.
- Organizational Hierarchy System Contacts (OHSC): The OHS Contacts System is a tool used by departments to identify individuals who are authorized to perform specific roles for the department.
- Sponsoring Department Code: The four or seven-character department code from the University Department System for the department that will sponsor this service.
- Technical Contacts: The individuals responsible for the technical implementation of the service that is utilizing UTLogin. Technical contacts should be full-time employees and not student workers.
- Metadata URL: The location of configuration data that allows UTLogin to identify your system as a service provider (SP).