Current State Specification
Miami uses Microsoft Active Directory 2012, OpenLDAP, Shibboleth (InCommon federation), and Central Authentication Service (CAS) for authentication/Single Sign-on. See the following for Miami's authentication preferences:
- Best: CAS; Shibboleth (with InCommon membership preferred)
- Better: OAuth
- Acceptable: Microsoft EntraID, Custom SSO service that doesn't expose our user credentials
- Undesirable: Credential sync, direct LDAP (OpenLDAP) or AD integration; Credential management API (requires integration with Miami's IAM platform)
- Unacceptable: Independent password store
- Describe which of our authentication methods and protocols you support and outline any additional costs required to implement them.