Shibboleth for single sign-on
Shibboleth is an authentication (identification) and authorisation (authorisations) procedure for web applications and services operated by the University of Graz to provide access to various services.
One major advantage of this procedure is that users of the University of Graz and possibly other external persons only have to sign in once via Shibboleth in order to be able to access services or licensed content of various offerors wherever they may be (single sign-on). Shibboleth is primarily used in the fields of science and teaching.
If in the past you permitted data to be forwarded to all services, you can revoke that permission the next time you sign in via Shibboleth.
In the course of authentication and/or authorisation when the user signs in to Shibboleth, user-related data is transferred via safe channels to the target system to enable the user to work within the target system. In terms of data transparency in accordance with the EU’s General Data Protection Regulation, Shibboleth directly discloses which data is transferred. The names of the boxes and their meaning are shown here:
|displayName||display name from authorisation groups|
|eduPersonAffiliation, eduPersonScopedAffiliation||affiliation to authorisation groups|
|eduPersonpersistentId||session identifier for Main Library systems|
|eduPersonTargetedID||random number for session identifier for legal database|
|organizationalUnit||unit for students|
In addition, users may determine to which services their decision shall apply and may revoke them anytime.