IAM in Service Catalog
Draft. Consolidated info from other locations. Needs review and refinement.
The UW NetID service has a large variety of uses. These uses range from authenticating to highly sensitive systems such as OPUS and ESS to allowing an application to view a certain web page. In order to accommodate the many different uses, we've come up with UW NetID types. Each UW NetID type has different policies associated with it. Application programmers using the UW NetID service should be aware of the different types, as not all types may be appropriate for their application.
UW NetID Type
A UW NetID that belongs to a single person for life
A UW NetID used for departmental email or website use, may be used by many people.
A system UW NetID that should not generally be used to authenticate
A UW NetID used by an individual or group for a specified amount of time
A UW NetID that allows an application to authenticate to services
A UW NetID designated for specific system administrator functions
There are several types of UW NetIDs. Each type has a different set of acceptable uses and policies associated with it. If you are using UW NetID authentication in your application, it is important to understand each type and to know which types you allow into your application.
Personal UW NetIDs are owned by a single person. These UW NetIDs are an individual's key to online resources at the UW. A person's primary personal UW NetID will stay with them for life; however, the primary UW NetID can change at the request of the UW NetID owner. More information on personal UW NetID policies can be found at https://itconnect.uw.edu/security/uw-netids/about-uw-netids/.
Shared UW NetIDs can be used by one or more people. A shared UW NetID allows group access to computing services provided by C&C such as web publishing and email. New services leveraging Shared UW NetIDs should use Personal UW NetID authentication to access these resources. End-user information for shared UW NetIDs is available at https://itconnect.uw.edu/security/uw-netids/about-uw-netids/shared-uw-netids/.
Certain IDs in the UW NetID namespace should not be allowed to authenticate for a number of reasons. Some such reasons include:
These UW NetIDs fall into the class of reserved UW NetIDs.
Temporary UW NetIDs allow individuals to have temporary access to general access resources. These IDs are assigned a password for a duration of time, after which the password is removed; the ID is then assigned a new password and may be used by a different individual or set of individuals.
Application UW NetIDs are intended for use by applications to authenticate in situations where certificate authentication is not available. They mirror the guidelines of UW CA-assigned certificates.
Application UW NetIDs are currently in "BETA" and are only available for a limited set of application integrations.