Cirrus customers who implement a Cirrus Bridge using DNS Add-on can test authentication to Service Providers (SPs) via the Cirrus Bridge before going live without disrupting their production environment. This document provides more information about the DNS Add-on and how to test your Cirrus SAML Bridge.
How to Test a Cirrus SAML Bridge with DNS Add-On
Single Logout (SLO) is a feature that allows a user to terminate multiple authentication sessions by performing a single logout action. Implementing SLO is often a challenge in an environment where different organizations operate the identity provider (IdP) and service providers (SP) and have different requirements for what happens on a logout. Browser-mediated SLO is inherently brittle, because it requires all messaging to go through the browser and for the SP and IdP to be aligned. Unless the policies of the organizations that run the IdP and SP are aligned, SLO doesn’t work.
Cats of Cirrus Identity
Marco & Marcelo Chamberlin |
Addison Glasius |
Luna McKee |
Peru Radtke |
Rio Radtke |
Coquette Urquhart |
Recent Canadian Access Federation Communication About Shibboleth Version 5 Update
Recently, the Canadian Access Federation sent emails to Cirrus Identity Bridge customers with a registered Cirrus Bridge Identity Provider in the Canadian Access Federation (CAF) to call attention to the release of Shibboleth Version 5. See an example of the emails below.
How to Complete Meta Verification for edu domains
Meta, formerly known as Facebook, has implemented a verification program designed to demonstrate that you’re connected to your business. Cirrus Proxy customers who have implemented the Facebook integration have received notification that you need to verify your business, but not all verification options work for edu domains.
Best Practices for Cirrus Bridge Customers
Congratulations! You are live with your Cirrus Bridge. Now that you are operational, here are a few suggested best practices from the Cirrus Team.
In November 2023, InCommon introduced a new metadata health feature for the federation. This helps ensure accuracy of certain information provided in the metadata that can get stale over time like contacts, URLs (Privacy Statement, Logo, Error), and TLS endpoints. Below are some answers to common questions you may have about the metadata health feature.
Stakeholder Communications to Support Bridge Implementations
Stakeholder communication is essential to ensure any implementation of new technology is successful. For customers implementing the Cirrus Bridge it is no different. In many cases, customers are retiring an existing Shibboleth service that has been running for decades and provided faculty, students, and staff access to hundreds of Service Providers. Working with many customers, Cirrus has identified that a good communication plan is essential at the beginning of each implementation.
Cirrus Identity External Login Solution Video
Why does a Cirrus Bridge need read-only API access?
New Cirrus Bridge customers frequently ask, “Why does a Cirrus Bridge need read-only API access?” The following blog post and video address this question.