Departments or units that wish to integrate applications with any UGA SSO environment—Development, Staging, or Production—must submit an integration request using the UGA SSO Integration Request Form.
Information Required in the Request Form
Application owners will be asked to provide:
- URLs for each environment: Development, Staging, and Production
- A list of identity attributes to be returned to the application
- Whether the application requires ArchPass two-step login, powered by Duo
- The SSO protocol to be used: CAS, SAML, or OIDC
- If using SAML, a metadata file or metadata URL must be included
- The expected timeframe for moving the application into production
Once submitted, the request initiates a workflow managed by EITS Identity Management and Information Security teams. The application owner will receive updates and communications through the ticketing system.
Note: All new applications begin in the Development environment and will only move forward to Stage and Production environments after all security reviews and testing is complete.
Timeline and Review Process
Please allow at least eight weeks from the time of request submission to the scheduled production go-live date, assuming no issues are identified. All newly registered applications undergo a security review and vulnerability scan by the EITS Information Security team.
Testing the Integration
Testing is the responsibility of the application owner. This includes:
- Verifying functionality in Development, Staging, and Production
- Testing after SSO maintenance windows
- Testing after any application changes that affect SSO (e.g., certificate updates, attribute changes)
Application owners must attest that testing has been completed successfully at key points in the integration workflow.
Test Accounts
Test MyID accounts can be requested to simulate authentication scenarios. These accounts can be configured to reflect specific authorization criteria or attribute mappings.
Request via the Test MyID Checkout Form
Application Owner Responsibilities
- Must be listed as the primary contact for the SSO configuration
- Responsible for creating and executing a test plan
- Must sign off on successful integration in all environments
- Must notify EITS when the application is decommissioned
- Responsible for coordinating communications with vendors involved in application integration and testing.
EITS Responsibilities
- Review the integration details
- Coordinate with the Office of Information Security for data classification and security review
- Determine if ArchPass is required based on data sensitivity
- Review attributes, protocols, and timelines
- Create development accounts for testing
- Assist with onboarding into Development, Staging, and Production environments
- Maintain and upgrade the UGA SSO system to ensure it remains secure and supported
UGA SSO Application Listserv
All application owners are automatically subscribed to the UGASSOApps Listserv, used for:
- Announcements about SSO maintenance, outages, and updates
- Sharing tips, techniques, and questions related to UGA SSO integration
This is a discussion list, and posts are not moderated. By participating in UGA SSO, application owners agree to engage in listserv communications.
UGA SSO Maintenance Windows
EITS schedules regular maintenance windows for production SSO updates:
- Once a month, after 5:00 pm, on Fridays coinciding with the date of Windows/Linux server patching.
- Emergency maintenance work may occur as needed for critical fixes, patches, or updates.
- During major upgrades, regular maintenance work may be temporarily suspended to allow application owners to test against the updated CAS version before it is deployed to production.