Identity & Access / Glossary

Objective

  • To provide terminology with definitions for the Identity and Access space at Miami University

Scope

  • Common terms often used to talk about Identities, Access Management, and our Identity Governance and Administration tool, RapidIdentity

User

  • University Community

Environment

Glossary

Item: Definition
Affiliation: A label applied to a user. The user must meet the criteria for the affiliation to gain the label. Each affiliation has its own criteria that must be met for it to be applied to a user. Historically, the word “classification” was used in place of affiliation.
  Primary: A user can only have one primary affiliation. This is the affiliation that will be used in the event that a user has more than one affiliation assigned. The primary affiliation will always be the affiliation with the highest priority. See affiliation priority.
  Secondary: A secondary affiliation is any affiliation that is assigned to a user but is not the primary. If a user has multiple affiliations, we refer to all non-primary affiliations as secondary affiliations.
  Multiple: A user may have multiple affiliations assigned. Any affiliation can apply to any user provided they meet the criteria for that affiliation.
  Priority: The rank of affiliations at Miami University. This is used when users have multiple affiliations. The affiliation with the highest priority will be the primary affiliation. Any lower-ranking affiliations will be referred to as that user’s secondary affiliations.
Entitlement: A user’s inherent right to have an account provisioned in a target system. Entitlements are determined by a user’s affiliation. When a user has multiple affiliations whose entitlements conflict, the primary affiliation’s entitlement will win.
Lifecycle: The time period and associated milestones attributed to an affiliation.
Provision: To create and ensure the existence of an account for a user in a target system.
Deprovision: To remove and ensure the non-existence of an account for a user in a target system.
Genservok: A true/false flag for each user that indicates a user is entitled to “general services” at Miami. This flag is set based on a user’s assigned affiliations.
Entity: An affiliation that is not representative of a person. A user with this affiliation is not a real person but must be created with trustees. In practice, student groups and academic offices are examples of ways entity accounts are used.
Trustee: Miami user who assumes responsibility for the sharing and usage of an entity account.
Courtesy: An affiliation assigned to a user who needs access to University target systems but is not awarded any other affiliations to accomplish that access. Courtesy accounts are often used for contractors who are working with or for the university but are not on University payroll.
Account: A user entry in a system.
Family: An affiliation given to a user who is awarded an account by a student via the FERPA app. This type of user is not assigned a UniqueID, but instead uses their non-Miami email address as a username to login to Miami systems.
Community: An affiliation given to a user who is a Miami community member. These members have fewer entitlements and are tangentially associated with the university. Examples are: otherwise unaffiliated Rec Center members and contracted dining hall employees.
Emeritus: An affiliation given to a user who has been validated by the university to meet the criteria published to acquire the Emeritus/Emerita Designation.
Retiree: An affiliation given to a user who has been validated by the university to meet the criteria published to be considered a retiree.
Student: An affiliation used for labeling and grouping users in the Undergraduate, Graduate, International Student and Enrollment Eligible affiliations. This affiliation has no entitlements by design and cannot be a user’s primary affiliation.
Undergraduate: An affiliation given to a user who is enrolled as a student at the university and is seeking an undergraduate degree.
Graduate: An affiliation given to a user who is enrolled as a student at the university and is seeking a graduate degree.
Enrollment Eligible: An affiliation given to a user who has been admitted to the university and has no enrollments in the current or future terms.
Alumni: An affiliation given to a user when a degree has been awarded by the university and the University Advancement office grants the user alumni status.
International Student: An affiliation given to a user who is a student at the university and has a specific visa status. This affiliation can only be applied while the user also has another active affiliation.
Life Long Learner: An affiliation given to a user who is taking for-credit courses as part of the Institute for Learning in Retirement. This affiliation is also applied to students admitted under Conditional Admission.
Enrollments: A list of courses a user is registered to take in a given term.
Department: A titled office on campus consisting of a defined list of users.
Group: A named collection of users that can be referred to by name for access, entitlements and communications.
Password: A phrase that only the user should know that is paired with a username/UniqueID.
  Reset: A process by which a university administrator changes a user’s password to a value known to the user. After a password reset, a user is forced to update their password to a new, secret value.
  Recovery: A process initiated and followed by a user to change their password value when they have forgotten their password.
  Management: The tools and processes around the changing of passwords.
  Standard: The rules that must be followed when creating a new password value.
  Sync: A process that pushes an updated password value for a user from RapidIdentity to all appropriate target systems. This process is triggered automatically any time a password is changed in RapidIdentity.
  Expiration: The process of a password becoming invalid based on a date value.
  Force reset: The process by which a user is forced to change their password value due to a triggering event.
  Grace Period: The time period before a password expiration during which the user is notified that their password is about to expire and should be changed.
  Default: A deprecated method by which a user is granted access to their account and immediately required to change their password. The default password is constructed with information the user knows.
Login: Verb. To provide accurate credentials and gain access to a system.
  Interrupt: An event that disrupts the login cycle of a user when logging in via CAS. The interrupt may be triggered by various circumstances that require the user’s attention.
RapidIdentity: The software that manages Miami’s Identity MetaDirectory. This includes MetaDirectory configurations and settings, password management and policies, Action Sets (scripts) and Job scheduling.
Identity Automation: The vendor that provides the RapidIdentity software.
Identity: The fact of being who or what a person or thing is.
Access: To enter, obtain, examine or retrieve data.
Authentication: The process or action of verifying the identity of a user or process.
Authorization: The giving and obtaining of permission to access data or a system.
Passwordless: Authentication without the input of a password or passphrase.
Social login: Login to a Miami system using credentials maintained by another platform, such as a social media platform: Facebook, Google (personal account), Apple ID, etc.
Action set: A set of code that executes much like a script within RapidIdentity and has access to other action sets and code libraries within RapidIdentity.
Job: A scheduled execution of an action set. Can be recurring.
Permissions: Settings that govern the allowed access to data sets or system functionality.
Directory: A data store listing users and/or entities.
MetaDirectory: The internal data store of identity data inside RapidIdentity.
Downstream: Adjective used to describe systems that consume identity data from RapidIdentity’s MetaDirectory.
Target: Descriptor for a system indicating it receives identity data pushes from RapidIdentity.
Source: Descriptor for a system indicating it owns identity data which is sent to RapidIdentity.
Source of Authority: A source that holds authority over a given data point that is stored in the MetaDirectory.