Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

The following uhReleasedGrouping values are made available by ITS as an added convenience.  Developers may find it useful to check for these values as part of their application authorization step.

Curated Groupings

Our UH Group Store has a wealth of groups that would be useful to UH applications.  ITS will work with the Data Governance Program to curate a collection of groups from the UH Group Store and make them available via uhReleasedGrouping.

Having a curated collection of groupings in uhReleasedGrouping means your application can check against a lot of official data without having to create a grouping. Of course, if you expect to manage exceptions, you should create your own grouping (usually with some of the groups in our curated collection) and release it.

Remember that uhReleasedGrouping data is only for official use within the UH community and not for release to external parties, except under the terms of a written memorandum of agreement or contract.

Value of uhReleasedGroupingDescriptionAvailable Since

hawaii.edu:store:uhims:general:mfa-enabled

 Person has registered for multi-factor authentication (MFA) and is not in Duo bypass mode. 

If CAS returns this value after a successful authentication, it can be surmised that the person has passed the Duo prompts in the UH Login screen.

(warning) Departmental usernames are currently not supported!

Non-personal usernames who are registered and enabled for Duo will not have this uhReleasedGrouping value.  This might change in the future, but as of this writing, UH Groupings was designed with people as grouping members (as opposed to usernames or email addresses). Departmental usernames are often used by multiple individuals, so their ambiguity seems counter-productive to authentication, authorization and MFA.

9/19/2018

hawaii.edu:store:uhims:general:gcn-compliant

Person has a current acknowledgement of the University of Hawaii General Confidentiality Notice (GCN). See https://www.hawaii.edu/its/acer/

Once completed, compliance is good for the 10/1/year to 9/30/year+1 period when the completion happened, plus an extra year after that.  For example,

  • person renewing on Sep 29, 2020 will be compliant through Sep 30, 2021.
    • 9/29/2020 is in the 10/1/2019-9/30/2020 period, and the subsequent period is 10/1/2020-9/30/2021
  • A person renewing on Oct, 2 2020 will be compliant through Sep 30, 2022.
    • 10/2/2020 is in the 10/1/2020-9/30/2021 period, and the subsequent period is 10/1/2021-9/30/2022

(warning) Updated on a nightly basis only.

11/19/2018

hawaii.edu:store:uhims:general:isat-compliant

Person has a current certification for the UH Information Security Awareness Training Certification (ISAT). See https://www.hawaii.edu/its/acer/

Once completed, compliance is good for the 10/1/year to 9/30/year+2 period when the completion happened, plus an extra 2 years after that.  For example,

  • A person renewing on Sep 29, 2020 will be compliant through Sep 30, 2022.
    • 9/29/2020 is in the 10/1/2018-9/30/2020 period, and the subsequent period is 10/1/2020-9/30/2022
  • A person renewing on Oct, 2 2020 will be compliant through Sep 30, 2024.
    • 10/2/2020 is in the 10/1/2020-9/30/2022 period, and the subsequent period is 10/1/2022-9/30/2024

(warning) Updated on a nightly basis only.

11/19/2018

mfa-enrolled

(use above hawaii.edu:store:uhims:general:mfa-enabled value instead)

Person has registered for multi-factor authentication (MFA).  Does not account for Duo bypass mode.

(warning) This will be removed on January 15, 2019, after everyone has transitioned to hawaii.edu:store:uhims:general:mfa-enabled.

1/22/2018
under-age-of-majority

(warning) No longer available for general use.  Will be removed on January 15, 2019.

Contact its-iam-help@lists.hawaii.edu if you need to build a grouping with this information.

1/31/2018

hawaii.edu:store:<dataOrigin>:aff:<org>:<roleOrRoleCombinations>

(warning) Tentative

Provides more granularity than the generic roles of faculty, staff and student.





  • No labels