Applications which support MIT Touchstone
The following applications are MIT Touchstone enabled, or directly support Shibboleth authentication. The information below indicates some of the relevant identity providers that the application supports, and also provides some indication about what information about a user is released to the application.
Key to identity providers
Identity providers are the components that provide authentication services for a particular security domain. At this time MIT operates two independent identity providers (IdPs). The core MIT IdP serves all MIT students, faculty, staff, and some others that have an MIT Kerberos username, and possess or are able to obtain, an MIT X.509 certificate.
The second IdP that MIT currently operates is the TouchstoneNetwork IdP. Many people also refer to this as the CAMS IdP. The TouchstoneNetwork IdP hosts the Collaboration Accounts Management System (CAMS), which allows nearly anyone to self-register for an account which may be used to authenticate to several applications. People may self register for an accont with this IdP by using a working email address that they control. Users may not register with an email address that ends in "@mit.edu". This is because people with such email addresses can already use their normal MIT account via the MIT IdP.
MIT is also a participant in the InCommon Federation. Over 100 other universities, corporations, and agencies are also members of the InCommon Federation. Instead of enumerating which of the many IdPs that belong to members of InCommon in the information below, we simply indicate if the application may support an IdP from one of the InCommon participants.
Key to attribute release information
One of the most powerful aspects of MIT Touchstone and Shibboleth is the ability to release selected information about the person that has authenticated to the application. This is done using a SAML assertion. Different applications can receive different information. In fact, some applications will not receive personally identifiable information about the user that has authenticated.
The following explains some of terminology related to our attribute release policies:
DisplayName - this is typically a concatenation of the user's first name and last name. For example: John Doe.
eduPersonPrimaryAffiliation - this will typically be one of the following: student@mit.edu, staff@mit.edu, affiliate@mit.edu. Affiliate means that the person has an MIT account but is not a student, staff, or faculty member. The person might be a temporary contractor, a visiting scholar, or a even a family member of a student or staff member.
email address - In the case of CAMS account this will be the email address that the person used to register and activate their account. For MIT users this will normally be their Kerberos username followed by "@mit.edu".
EPPN (eduPersonPrincipalName) - for MIT users this will be the Kerberos username followed by "@mit.edu". For TouchstoneNetwork Collaboration Accounts this will be an identifier follwed by "@touchstonenetwork.net".
Applications:
Stellar
is the platform for learning, course management and collaboration, serving the MIT community.
Identity providers supported: MIT, and TouchstoneNetwork. InCommon is not supported at this time.
Attributes released to Stellar by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
wikis.mit.edu
is a wiki system serving the MIT community. More information.
Identity providers supported: MIT, and TouchstoneNetwork. InCommon is not supported at this time.
Attributes released to wikis.mit.edu by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Jira
is a bug tracking system being used by several IS&T project teams.
Identity providers supported: MIT, and TouchstoneNetwork. InCommon is not supported at this time.
Attributes released to Jira by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Human Resources at MIT
provides information about the services available from the MIT Human Resources department.
Identity providers supported: MIT only. TouchstoneNetwork and InCommon are not supported at this time.
Attributes released to hrweb.mit.edu by the IdPs:
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Barton
is the MIT Library catalog. It provides several library services for online users.
Identity providers supported: MIT, and TouchstoneNetwork. InCommon is not supported at this time.
Attributes released to Barton by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
MIT Libraries' access to e-resources via Libproxy
Libproxy manages access to licensed journal and database content for the MIT community.
Identity providers supported: MIT only.
Attributes released to Libproxy by the IdP:
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
MIT Libraries' ILLiad
A tool for requesting items not owned by MIT (ILB), and articles from the Library Storage Annex.
Identity providers supported: MIT only.
Attributes released to ILB by the IdP:
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
The IS&T web site
is the main support site for MIT Information Services and Technology.
Identity providers supported: MIT, and TouchstoneNetwork.
Attributes released to the IS&T web site by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Thalia
is a web application that allows you to store, manage, and share your digital media files.
Identity providers supported: MIT
Attributes released to Thalia by the IdPs:
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Roles web UI
is a web application to manage authorizations in the MIT Roles system.
Identity providers supported: MIT
Attributes released to Roles-app by the IdPs:
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Maven
is a code repository manager used by some development teams at MIT.
Identity providers supported: MIT, and TouchstoneNetwork. InCommon is not supported at this time.
Attributes released to Maven by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Seminar XXI
is an educational program for senior military officers, government and NGO officials, and executives in the national security policy community. The program's objective is to provide future leaders of that community with enhanced analytic skills for understanding foreign countries and the relations among them.
Identity providers supported: MIT, and TouchstoneNetwork. InCommon is not supported at this time.
Attributes released to Seminar XXI by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Microsoft Dreamspark
is an external system that allows students to download Microsoft software development kits at no charge.
Identity providers supported: MIT and many other members of the InCommon Federation.
Attributes released to Microsoft Dreamspark by the IdPs:
MIT: eduPersonPrimaryAffiliation only
Spaces.internet2.edu
is a wiki system operated by Internet2. Several people from MIT collaborate with others working on projects hosted at this site.
Identity providers supported: MIT, and many IdPs from other InCommon Federation participants.
Attributes released to spaces.internet2.edu by the IdPs:
MIT: DisplayName, EPPN
The CoManage demo
site is hosted by Internet2. This site demonstrates the use of Shibboleth in conjunction with several applications and other projects developed by Internet2.
Identity providers supported: MIT, and many IdPs from other InCommon Federation participants.
Attributes released to the CoManage demo by the IdPs:
MIT: DisplayName, EPPN
The TeraGrid beta
site is hosted by TeraGrid.org. This pre-production site demonstrates how a Shibboleth Identity can be utilized to access TeraGrid resources.
Identity providers supported: MIT, and many IdPs from other InCommon Federation participants.
Attributes released to the TeraGrid.org beta by the IdPs:
MIT: EPPN
Nexus
is a central Maven repository manager for use by MIT software development teams. You have complete control of, access to, and deployment of, every artifact in your project, or organization, from a single location. A Maven repository can be setup in a few minutes by going to https://src.mit.edu/devtoolsSupport/dvTeamAccountRequest.jsp.
Identity providers supported: MIT, and Touchstone Network.
Attributes released to the src.mit.edu by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Bamboo
is a Continuous Integration tool for software development projects. It brings faster feedback to your development process, prevents bugs from piling up and reduces the risk of project delays. A Continuous Integration account can be setup in a few minutes by going to https://src.mit.edu/devtoolsSupport/dvTeamAccountRequest.jsp.
Identity providers supported: MIT, and Touchstone Network.
Attributes released to the src.mit.edu by the IdPs:
TouchstoneNetwork: DisplayName, email address, EPPN
MIT: DisplayName, email address, EPPN, eduPersonPrimaryAffiliation
Back To Top
Applications
MIT wiki service
Barton Library Catalog
MIT Libraries' access to e-resources via Libproxy
MIT Libraries' ILLiad
IS&T web site
Microsoft Dreamspark service
Seminar XXI
MIT Roles UI
Human Resources at MIT
Thalia image management
Jira
Nexus Maven repository
Bamboo Continuous Integration
Maven
Internet2's wiki service
beta of access to TeraGrid
CoManage demo site
