Skip to content Skip to site navigation Skip to service navigation

WebAuth Announcement

Support for WebAuth ends on August 31, 2018. Applications or websites that use WebAuth for authentication should move to the SAML 2.0 protocol. Learn more.

This deadline does not affect websites hosted on Stanford Sites and on the central web servers (web.stanford.edu). WebAFS is also exempt.

Over time, Stanford is switching from its homegrown WebAuth to the SAML 2.0 standard for web authentication. For Stanford servers and applications using WebAuth to authenticate users, this will involve a WebAuth to Shibboleth migration. If you manage such resources, you will be able to find project plans and links to technical documentation on this page.

Action items

  • Take inventory of your current WebAuth application(s).
    The following information will be required for the migration:
    1. Application name, URL, business owner, application owner, technical lead, group email
    2. List of attributes used by the application, or current keytab principle
  • Join the mailing list webauth-migration@lists.stanford.edu.

Migration instructions

Identity & Access Management (IAM) Project Roadmap & Timeline

Milestone (All Running in Cloud) Completion
Stop issuing new WebAuth-enabled sites (application keytabs) March 31, 2017
KDC & IdP UAT in Cloud (replica) May 31, 2017
50% of UIT Applications on SAML May 31, 2017
LDAP UAT in Cloud (replica) November 30, 2017
SAML Single Sign-on (SSO) no longer depends on legacy infrastructure
Note: No impact to current WebAuth-enabled applications.
March 30, 2018
Support for Stanford WebAuth Ends August 31, 2018
Last modified July 27, 2018