Duke IT Security Logo just a line

Authentication Implementation


The University IT Security Office is often contacted with questions about implementing authentication, so we have coordinated the process below with other OIT groups that are involved in enabling authentication. User authentication against centrally maintained identity information is available at Duke. Since some identity information is not public, requests for access to non-public data must be reviewed.

If you are planning to enable authentication for a web-based application, the first group to contact is the University IT Security Office (security@duke.edu). The IT Security Office will work with you to determine the safest way to achieve the level of authentication needed for your site. The Identity Management Office (idm-help@duke.edu) will assist you in developing functional requirements and in obtaining permission to access any non-public attributes that are requested.

Once your technical requirements are complete, you can submit them to the IS group (oit-casi-is@duke.edu, and cc: Heather Flanagan and Carl Ross) for development and implementation.

It is possible to collect a variety of attributes during authentication ("DUID" and "fullname", for example). Shibboleth and WebAuth can provide many of the attributes stored in the Identity Management system.