Skip to content Skip to site navigation Skip to service navigation

WebAuth Announcement

Over time, Stanford is switching from its homegrown WebAuth to the SAML 2.0 standard for web authentication. For Stanford servers and applications using WebAuth to authenticate users, this will involve a WebAuth to Shibboleth migration. If you manage such resources, you will be able to find project plans and links to technical documentation on this page.

Action items

  • Take inventory of your current WebAuth application(s).
    The following information will be required for the migration:
    1. Application name, URL, business owner, application owner, technical lead, group email
    2. List of attributes used by the application, or current keytab principle
  • Join the mailing list webauth-migration@lists.stanford.edu.

Migration instructions

Identity & Access Management (IAM) Project Roadmap & Timeline

Milestone (All Running in Cloud) Completion
Stop issuing new WebAuth-enabled sites (application keytabs) March 31, 2017
KDC & IdP UAT in Cloud (replica) May 31, 2017
50% of UIT Applications on SAML May 31, 2017
LDAP UAT in Cloud (replica) Fall 2017
SAML Single Sign-on (SSO) no longer depends on legacy infrastructure
Note: No impact to current WebAuth-enabled applications.
February 28, 2018
Support for Stanford WebAuth Ends Summer 2018
Last modified September 15, 2017