Third Party Authentication Policy

Policy Information

Background

Third party applications are any applications that are not developed by the Vanderbilt community. They would include off the shelf solutions, custom solutions, and software as a service solutions. These various different types of third party solutions can either be hosted locally on the Vanderbilt network or externally at a vendor maintained location.

Policy

Third Party applications that are hosted on the Vanderbilt network can use direct authentication services such as AD, LDAP, etc. after having applied for VUnetID authentication priveleges.Third party applications that are hosted outside of the Vanderbilt network and are not administered by Vanderbilt staff must use a federated solution like Shibboleth, ADFS, etc. for authentication. If an application cannot integrate with a federated authentication solution, then the login function must be separated out and managed within the Vanderbilt network, and some secure mechanism for forwarding the user must be put in place. Options for this would include Bluestem, CAS, or some other SSO authentication solution.

Explore Story Topics