Authentication Services

Security is the shared responsibility of all members of the campus community. Because campus affiliates have access to information that is often personal and confidential, it is important to understand the tools available to protect that information.

Authentication is the process of comparing credentials provided (ex. MultiPass username and password) with those on file for authorized individuals. Access to several campus resources is protected with single sign-on (SSO) authentication services. At Duquesne, SSO allows you to use your MultiPass credentials to sign into several resources at the university.

Web Application Login

When you access a university resource, such as DORI or Blackboard, you are directed to the standard university web application login page. After you enter your MultiPass username and password and click Login, your login credentials are compared to those on file. If you are an authorized user of the service and the credentials provided are correct, you are granted access to the service.

DU Web App Login Page

Federated Identity Management

Federated identity management (FIM) is an arrangement made between multiple enterprises that allows subscribers to use the same login information to obtain access to the networks of all the enterprises in the group.

With federated identity management, institutions join together in a group—a federation—and agree to trust each other's identity credentials. For example, a bank allows you to use your ATM card at the ATM of another bank where you do not have an account.

Duquesne University is a member of the InCommon Federation. This means that InCommon members agree to trust Duquesne University to vouch for the identity of someone who has logged in using the university's authentication services.

Duquesne has agreed to trust other InCommon members when they vouch for the identity of people who have logged in using their respective authentication methods. These institutions share additional identity information, called attributes, to allow them to make authorization decisions.

Federations use federated identity management software to allow them to vouch for their users' identities and to share information about whether those users meet the authorization requirements for a particular service (for example, a license that limits access to students).

Shibboleth

The InCommon Federation uses Shibboleth federated identity management software from Internet2. According to Internet2:

"Shibboleth is a standards-based, open-source software package for Web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner."

If you are enrolled in Duo multi-factor authentication (MFA), you will be required to perform an MFA login process when signing into any Shibboleth-supported web application (see below).

Duo-Enabled Services
Adirondack Handshake
Aleks Interfolio
Blackboard Internet2 (InCommon)
Box KnowBe4 Cybersecurity Training
ChromeRiver Prod Kuali Ready
ChromeRiver QA Office365 Email
Cognos Qualtrics
Collaboratory Slate CRM
DORI TIAA-CREF
EDUCAUSE United Way
eRezLife Wall Street Journal
Gartner Xfinity On Campus (XoC)
GlobalProtect VPN Zoom