Overview#

UApprove is a User Consent Module for Shibboleth Identity Providers v2.x to enforce acceptance of terms of use and user attribute release consent.

UApprove serves the following purposes:

  • The user is informed about the release of his data (attributes) to a Service Provider (SP) when he accesses the SP for the first time or if his data changed.
  • The administrator of an Identity Provider (IdP)
    • can ask the user to accept an IdP's terms of use before accessing any services
    • gets a tool that implements data protection laws by enforcing user consent before personal user attributes are released to an SP
    • knows when a particular user gave consent to release which attribute and value to a particular SP

From the user's point of view, UApprove is an application which presents him a webpage, on which

  • he may have to accept or decline the Terms of Use of an Shibboleth Identity Provider upon first access to the system (this option can be disabled by configuration)
  • he can globally accept the release of all his/her attributes to any Service Provider
  • he has to accept the release of his/her attributes upon first access to a given Service Provider (if the global release has not been approved)
Shibboleth IdPv3 comes with built-in user consent that obsoletes UApprove!

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-4) was last changed on 12-Dec-2015 12:18 by jim