Developers of online applications who wish to use HarvardKey for authenticating their users must register their applications with the Identity & Access Management program. Registration provides a measure of security by protecting users from "rogue" applications that may want to hijack an authenticated user session during the authentication process. Registration also allows the University to ensure that authentication services are provided only to applications developed by faculties and departments.
Information Required for Registration
- The school/unit and department responsible for the application.
- The name and email of the person requesting the registration, the application's technical practice owner, the business owner, the project coordinator, and the main developer.
- A generic email address for communicating system-related announcements that will not change with turnover of personnel.
- The name, description, and general user population of the application.
- The service provider (internal/external).
- The authorization method (LDAP/internal/other).
- An indication of the desired single sign-on options
- A list of login types allowed for the application (such as HarvardKey, XID, or eCommons).
For each instance of the application (development, test, production, etc.):
- The URL from which users are directed to the authentication system.
- The URL to which users are directed by the system after successfully authenticating.
- The location of the application server hosting the instance.
- The date by which the instance is needed.
Information Returned by IAM Upon Registration
Once an application is registered, the Identity & Access Management program team will provide the application administrator with the registration name and guidance on how to integrate with HarvardKey.