WebAuth Announcement
Support for WebAuth ends on August 31, 2018. Applications or websites that use WebAuth for authentication should move to the SAML 2.0 protocol. Learn more.
This deadline does not affect websites hosted on Stanford Sites and on the central web servers (web.stanford.edu). WebAFS is also exempt.
Over time, Stanford is switching from its homegrown WebAuth to the SAML 2.0 standard for web authentication. For Stanford servers and applications using WebAuth to authenticate users, this will involve a WebAuth to Shibboleth migration. If you manage such resources, you will be able to find project plans and links to technical documentation on this page.
Action items
- Take inventory of your current WebAuth application(s).
The following information will be required for the migration:- Application name, URL, business owner, application owner, technical lead, group email
- List of attributes used by the application, or current keytab principle
- Join the mailing list webauth-migration@lists.stanford.edu.
Migration instructions
- WebAuth to SAML/Shibboleth Service Provider (SP) Migration (Sunet ID and password required)
Identity & Access Management (IAM) Project Roadmap & Timeline
| Milestone (All Running in Cloud) | Completion |
|---|---|
| Stop issuing new WebAuth-enabled sites (application keytabs) | March 31, 2017 |
| KDC & IdP UAT in Cloud (replica) | May 31, 2017 |
| 50% of UIT Applications on SAML | May 31, 2017 |
| LDAP UAT in Cloud (replica) | November 30, 2017 |
| SAML Single Sign-on (SSO) no longer depends on legacy infrastructure Note: No impact to current WebAuth-enabled applications. |
March 30, 2018 |
| Support for Stanford WebAuth Ends | August 31, 2018 |
Last modified
