Educause Security Discussion mailing list archives

Re: InCommon Federation with Azure as IDP

From: Dedra Chamberlin <dedra () CIRRUSIDENTITY COM>
Date: Wed, 27 Jan 2021 14:04:01 -0800

Thanks Ann and Joe.

In case it's helpful...

If anyone out there is having a challenge explaining to management why
participation in InCommon is important, and why the Azure AD IdP can't be
registered in InCommon directly, we put together a blog post that we hope
will help:

https://blog.cirrusidentity.com/multilateral-federations-and-azure-ad

Happy 2021 all,

- Dedra


* Dedra Chamberlin*
 CEO
 510.710.1554
 @dedrachamberlin
 www.cirrusidentity.com <http://cirrusidentity.com>




On Wed, Jan 27, 2021 at 9:32 AM Joe Ryan (he/him/his) <jryan () educause edu>
wrote:

Hi Eric,



We use Cirrus Bridge internally at EDUCUASE for Azure AD SSO to web
applications. I’d be happy to discuss our experience with the product if
you’d like.



Thank you,

Joe



--

*Joe Ryan*

Director, IT Operations

Need assistance? Get help at https://servicedesk.educause.edu/
*EDUCAUSE*
*Uncommon Thinking for the Common Good*
educause.edu <http://www.educause.edu/>





*From: *The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Eric Kurtz <
000001e3be18ab7c-dmarc-request () LISTSERV EDUCAUSE EDU>
*Reply-To: *The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU>
*Date: *Friday, January 22, 2021 at 9:12 AM
*To: *"SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
*Subject: *Re: [SECURITY] InCommon Federation with Azure as IDP



Thanks for the lead. I will reach out to them.   Did I miss this somewhere
in the documentation.



*Eric Kurtz*
*Senior Enterprise Systems Engineer* | Information Technology Services

*PENNSYLVANIA COLLEGE OF TECHNOLOGY*
*+   o  +*
One College Avenue, Williamsport, PA 17701
570.320.2400 x4975 | egk4 () pct edu



*From:* The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *Ann West
*Sent:* Friday, January 22, 2021 10:56 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] InCommon Federation with Azure as IDP



Hi Eric,



Cirrus Identity, one of our InCommon Catalyst Providers, offers a
federation bridge for Azure.

Check it out here: https://www.cirrusidentity.com/products/bridge
<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cirrusidentity.com%2Fproducts%2Fbridge&data=04%7C01%7C%7Cb068137b557f430ab54308d8bef086ff%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637469287585464584%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=WCIKyeL%2Fj4F%2Fshm5Ka5%2F%2F9XN7bx00ranxLuEJ7cpSQ8%3D&reserved=0>



Cheers,

Ann



Ann West

AVP, Trust and Identity
ED, InCommon

Internet2

W:720.379.9666





*From: *The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Eric Kurtz <
000001e3be18ab7c-dmarc-request () LISTSERV EDUCAUSE EDU>
*Reply-To: *The EDUCAUSE Security Community Group Listserv <
SECURITY () LISTSERV EDUCAUSE EDU>
*Date: *Friday, January 22, 2021 at 7:41 AM
*To: *"SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
*Subject: *[SECURITY] InCommon Federation with Azure as IDP



Has anyone done InCommon Federation with Azure SSO, (Enterprise
Applications).  We would like to move away from Shibboleth and have all our
SSO through Azure where we can control access and MFA in one spot.  Any
assistance would be appreciated.



*Eric Kurtz*
*Senior Enterprise Systems Engineer* | Information Technology Services

*PENNSYLVANIA COLLEGE OF TECHNOLOGY*
*+   o  +*
One College Avenue, Williamsport, PA 17701





------------------------------

This email may contain confidential information about a Pennsylvania
College of Technology student. It is intended solely for the use of the
recipient. This email may contain information that is considered an
“educational record” subject to the protections of the Family Educational
Rights and Privacy Act Regulations. The regulations may be found at 34
C.F.R. Part 99 for your reference. The recipient may only use or disclose
the information in accordance with the requirements of the Federal
Educational Rights and Privacy Act Regulations. If you have received this
transmission in error, please notify the sender immediately and permanently
delete the email.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community
<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7Cb068137b557f430ab54308d8bef086ff%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637469287585474576%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=PakB%2Fk1yKm8OHDc9pMU7DpfeKl46864TFTwiko2bK9I%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community
<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=04%7C01%7C%7Cb068137b557f430ab54308d8bef086ff%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637469287585484572%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=Yoj9MK6wPDTAAsrYGaQKnBBuUoIzK6trYNojNqUHphc%3D&reserved=0>


------------------------------

This email may contain confidential information about a Pennsylvania
College of Technology student. It is intended solely for the use of the
recipient. This email may contain information that is considered an
“educational record” subject to the protections of the Family Educational
Rights and Privacy Act Regulations. The regulations may be found at 34
C.F.R. Part 99 for your reference. The recipient may only use or disclose
the information in accordance with the requirements of the Federal
Educational Rights and Privacy Act Regulations. If you have received this
transmission in error, please notify the sender immediately and permanently
delete the email.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

InCommon Federation with Azure as IDP Eric Kurtz (Jan 22)
- <Possible follow-ups>
- Re: InCommon Federation with Azure as IDP Ann West (Jan 22)
  - Re: InCommon Federation with Azure as IDP Eric Kurtz (Jan 22)
    - Re: InCommon Federation with Azure as IDP Ann West (Jan 22)
    - Re: InCommon Federation with Azure as IDP Joe Ryan (he/him/his) (Jan 27)
    - Re: InCommon Federation with Azure as IDP Dedra Chamberlin (Jan 27)