Skip to main content


Improved Single Sign-on Authentication

As part of Cornell’s ongoing commitment to sustainability, innovation, and improved IT services, CIT has launched the WebSSO Modernization Project, a program to retire the CUWebAuth web application authentication service and migrate to Shibboleth SAML-based authentication. Currently, CUWebAuth has reached the end of its lifecycle.

To ensure the best customer experience, the Identity Management team has adopted Shibboleth as the identity provider of choice for web application integrations as it overcomes CUWebAuth’s limitations. Shibboleth is already in production and this project expands its use to consolidate multiple solutions in the same space. 

Overall, the WebSSO Modernization Project will require CUWebAuth website administrators to migrate all CUWebAuth applications to Shibboleth and CIT will retire related services, including CUWebAuth, KProxy, CUWebAuth portal proxy, and PermitBridge. The service retirement deadline is October 1, 2021. This project is part of the larger Cornell Safe Access Program, which will provide more modern, scalable solutions to customers and optimize the investment of resources for the university.

Service Details

Regulated Data:

Not applicable or information not available.

Was this page helpful?

Your feedback helps improve the site.