Shibboleth Integration Request Form

Shibboleth Integration Request Form

This Form is used to request integration with the Rutgers Identity Management (IdM) Federation (SAML) via Shibboleth.

For more information about Shibboleth at Rutgers, visit https://eas.rutgers.edu/?ht_kb=idm-shibboleth

Review and get familiarized with the Shibboleth Request Process Flow at https://eas.rutgers.edu/?ht_kb=shibboleth-request-process-flow

For any questions about Shibboleth, send email to idp_operations@email.rutgers.edu

This form needs to be completed by the Service Provider's representative.

Information Security Review/Approval*

Please indicate whether this Service Provider integration request has already been fully reviewed and approved by the Rutgers Information Security Office (ISO).

See https://it.rutgers.edu/information-security/information-security-risk-management-program/third-party-risk-assessments/ for details.

Select

Please attach the completed copy of the ISO Risk Assessment report using the "Service Provider Description Attachment" upload feature below.

The report will be sent to IdM for review when the rest of the Shibboleth Integration Request Form is completed and submitted.

***IMPORTANT NOTICE***

Please note that the ISO Risk Assessment review and approval is required before this Shibboleth Integration Request can be fully processed.

You may still proceed with completing the rest of this intake form. Once the ISO Risk Assessment has been completed, you can send it to us at idp_operations@email.rutgers.edu and the remainder of the integration process will then be resumed.

Please make sure to fill in the Security Risk assessment found at https://it.rutgers.edu/information-security/information-security-risk-management-program/third-party-risk-assessments/

If you have any questions about the Risk Assessment process, please contact the ISO at https://it.rutgers.edu/information-security/contact-risk-assurance/

Requester's Name*

Requester's Email Address*

Requester's Phone Number*

Phone

Service Provider Description*

Please provide a description of what type of service you are planning to provide to Rutgers University. You can also attach a document below.

Service Provider Description Attachment

You can provide an attachment here if available. You may also attach Service Provider Metadata files, ISO Risk Assessment reports, or any applicable Data Privacy/Protection documents. You can compress multiple files as one ZIP file.

Drag and drop files here or

Describe how you currently provision accounts in your application/system:*

For example:

Data feed/batch file from Rutgers - describe how frequently you will receive the data feed, and describe method of delivery (e.g., secure transfer, FTP, etc.)

Just in time (JIT) provisioning: Provision a user "on the fly" upon successful login based on attributes received from Shibboleth

Service Provider Hosted Location*

Please indicate where the Service Provider's application/service is hosted.

Select

Initiated Single Sign-On (SSO) Support*

Who initiates the single sign-on? Your application/system (SP-initiated) or Rutgers (IdP-initiated)?

Select

Service Provider Technical Contact's Name*

Please provide the Name of the Service Provider's Technical Contact.

Service Provider Technical Contact's Email Address*

Please provide the Email Address for the Service Provider's Technical Contact. This Email Address will be added to the Rutgers Shibboleth Announcements Mailing List, which is used for communicating any timely status updates or news regarding our SSO system.

We strongly recommend providing a shared/common non-personal Email Address (e.g., support@serviceprovider.com instead of John.Smith@serviceprovider.com).

Service Provider Technical Contact's Phone Number*

Please provide the Phone Number for the Service Provider's Technical Contact.

Phone

Check if the Service Provider is a member of NJEdge

For more information, see https://njedge.net/membership/current-members/

Check if the Service Provider is a member of the InCommon Federation

For more information, see https://www.incommon.org/community-organizations/

InCommon SP Daily Metadata File Refresh

Does the InCommon Service Provider retrieve the Federation's metadata file on a daily/regular basis?

Select

Check if the Service Provider is a member of the REFEDS Research and Scholarship (R&S) Category

For more information, see https://spaces.at.internet2.edu/display/federation/research-and-scholarship

Service Provider Test Entity ID

Please provide the Service Provider's Test Entity ID.

Service Provider Test URL

Development or Test URL where the Rutgers IdP will send the SAML Response.

Service Provider Production Entity ID*

Please provide the Service Provider's Production Entity ID.

Service Provider Production URL*

Production URL where the Rutgers IdP will send the SAML Response.

Requested Attributes*

Please provide a list of attributes that you would like the Rutgers IdP to release in the SAML Response.

Please note that further approval may be required by the Data Custodians to release certain attributes.

If requested attributes are not listed, an opaque unique identifier will be provided in the SAML Response.

Rutgers Primary Business Contact's Name*

Please provide the Name for the Rutgers Business contact. This person is the official Rutgers sponsor or stakeholder for the Service Provider.

Rutgers Primary Business Contact's Email Address*

Please provide the Email Address for the Rutgers Business contact. This person is the official Rutgers sponsor or stakeholder for the Service Provider.

Rutgers Primary Business Contact's Phone Number*

Please provide the Phone Number for the Rutgers Business contact. This person is the official Rutgers sponsor or stakeholder for the Service Provider.

Phone

Used By*

Please indicate below which types of people at Rutgers will be accessing the Service Provider. You can consult the Rutgers Business contact to provide these details.

Attributes will be released only for those types of users specifically indicated below, and may require additional Data Custodian approval.

Please note that if you choose Staff and/or Faculty, attribute release for Guests will also be included by default.

Used By - Other

Please specify which other populations will be accessing the Service Provider.

Expected Usage*

What is the projected number of authentications per day? You can consult the Rutgers Business contact to provide this detail.

Select

When do you expect this to be in Production?*

We will do our best to meet your anticipated timeline. You can consult the Rutgers Business contact to provide this detail.

Acknowledgement and Agreement with Data Protection and Privacy Policies*

As the primary initiator for integration with Rutgers Shibboleth, I acknowledge that it is my responsibility to ensure that the Service Provider (SP) understands and adheres to any and all applicable local, state, federal, and/or institutional policies governing the privacy and protection of any data released via Shibboleth (see Policy 70.1.2 regarding Information Classification for details).

Specifically, the SP acknowledges and understands that it shall undertake any necessary process or procedure for the continuous safeguarding of any information received via Shibboleth, using best practices including, but not limited to, encryption at rest, physical/logical security compartmentalization, appropriate network/firewall restrictions, etc.

The SP also acknowledges and understands that it shall not share, disclose, rent, sell, disseminate or use for any unauthorized purpose any data received from Rutgers with any other parties without the express written permission of an authorized agent on behalf of Rutgers University.

Please note that submission of this form does not automatically guarantee integration with the Rutgers Shibboleth system. All submissions will be reviewed and may be subject to Data Custodian approval. We may also contact you to request further information or documentation regarding the SP's data protection and privacy policies.

You will be contacted when a final decision has been reached.

Send me a copy of my responses

Privacy Notice|Report Abuse