- EXECUTIVE SPONSOR(S): AVC ITS Information and Security
- DEPT OR DIVISION: ITS Information Security
- TECHNICAL LEAD: Celeste Copeland
- STATUS: On Hold
- Project Theme: Improving Process and Operations
The project’s purpose is to determine the policy for deprovisioning WebAuthn registrations when people lose affiliation with the University, and then implement a technical solution to perform deprovisioning according to that policy. The policy will also identify how often WebAuthn registrations will expire. Project implementation will enable the Carolina Key project to roll out to the entire campus. If we do not complete this project, Carolina Key will remain in a pilot phase, and there will need to be manual deprovisioning of pilot participants. The project team will present an initial requirements document at a kick-off meeting scheduled in early May 2022.
WebAuthn is a web-based API that allows websites to update their login pages to add FIDO-based authentication on supported browsers and platforms, and midPoint is a software system used by the University to connect systems that hold digital records like ConnectCarolina and the University Directory. MidPoint uses triggers to remind the systems to update user information and access. Provisioning and deprovisioning are processes for creating, updating and deleting user accounts in multiple applications and systems.