Application Identity and Access Management Configuration (IAM Grouper)

Who can use it?

Staff

What is it?

Many applications are deployed throughout campus, and require limiting access to certain groups of people. Further, applications themselves may have varying levels of security based on what types of people are involved. For example, if a staff member logs into an application, they may get a different layout and screen than a faculty member, alumni or student.

An access application called Grouper is typically used in these circumstances to create groups of people from predefined access types. Further limiting or expanding these groups on an as-needed basis for UDel (e.g.: adding or removing particular SAP codes, or sub-groups student-workers for the last term only, etc.)

Grouper works in tandem with Informatica group to provide these populations for enrichment to the application. Grouper provides the user population, and Informatica may then fetch these groups and provide enriched data (e.g.: detailed demographic information, etc.) which may be located in other databases throughout campus.

Note

  • A separate request for the Informatica group as part of a Tech Request along with this one may be required.
  • A separate request for SSO as part of a Tech Request along with this one may be required.

Where to get it?

Make sure you have already had the application you are requesting Access configuration for vetted through the Technology Request process and have a plan in place to create accounts. You will need your technology request number to submit a request for Access to confirm the application has been properly vetted.

Click on the Request Service Button to request Grouper Application Access configuration

 

How to use it?

Please be aware that Access integrations may take up to 4-8 weeks to complete

The following information should be obtained from the Vendor and is required in order to submit an Access request:

  1. Do they need to limit access to different classes of users in the Application?
    1. Do they/you limit the users by configuring the application; or
    2. Is UDIT/IAM going to limit the classes of people able to login?
  2. What is their QA/test site we can set up against?
  3. The method of uploading demographic data (if applicable)?
    1. RESTful WebServices API
    2. SCP site for a file, etc.

What are the charges, options & fees?

There is no charge for this service