Overview

Shibboleth is an implementation of the Security Assertion Markup Language (SAML) authentication protocol. Shibboleth is commonly used in web applications -- such as Canvas and UMN Library resources -- where a user's status at the University determines their level of access to these resources. The University operates a Shibboleth identity provider allowing faculty, staff, students, and other account holders to log in. Websites that run a SAML service provider can use Shibboleth to authenticate users.

Highlights

  • Leverages a user's existing University credentials so that you don’t have to manage accounts and passwords
  • Your site never sees user passwords; users enter passwords on the standard University login page only, so you don’t have to worry about handling passwords securely within your website or application
  • Works with both on-premise and hosted/cloud applications
  • Your application can get additional information back about users who logged in -- such as name, role, courses, job information, etc. -- that may be useful for access control (may require additional data access approval)
  • Your website or application could also leverage other universities’ accounts to log in for a more broadly-facing audience using the InCommon Federation 

Getting Started

Get Help

Intended Audience

Researchers
Staff & Departments
IT Staff and Partners

Cost

University-funded: No charge.

Featured Resources

Self-Help Guides

Shibboleth

Learn about Shibboleth, an open-source single sign-on infrastructure, and how to install and configure it.

See All Resources

Additional Resources

Create & Publish Websites
Manage Grants & Research Projects
Practice Safe Computing
Request & Manage Accounts & Passwords