Overview#
UApprove is a User
Consent Module for Shibboleth Identity Providers v2.x to enforce acceptance of terms of use and user attribute release consent.
UApprove serves the following purposes:
- The user is informed about the release of his data (attributes) to a Service Provider (SP) when he accesses the SP for the first time or if his data changed.
- The administrator of an Identity Provider (IdP)
- can ask the user to accept an IdP's terms of use before accessing any services
- gets a tool that implements data protection laws by enforcing user consent before personal user attributes are released to an SP
- knows when a particular user gave consent to release which attribute and value to a particular SP
From the user's point of view, UApprove is an application which presents him a webpage, on which
- he may have to accept or decline the Terms of Use of an Shibboleth Identity Provider upon first access to the system (this option can be disabled by configuration)
- he can globally accept the release of all his/her attributes to any Service Provider
- he has to accept the release of his/her attributes upon first access to a given Service Provider (if the global release has not been approved)
Shibboleth IdPv3 comes with built-in user consent that obsoletes UApprove!
!! More Information
There might be more information for this subject on one of the following: