HarvardKey provides attributes to applications in the authentication assertion for the purposes of authorization, account provisioning, and facilitation of the end user’s session. A complete list of attributes, their risk levels, and the protocols they align with can be found in the HarvardKey Attributes Available Table.
Please note:
- Application owners are responsible for assessing the sensitivity and risk level associated with their application based on Harvard’s security policy benchmarks in order to ensure that the authorization approach adopted will be sufficient to protect both individuals and the University from material harm. For instance only applications with higher risk authorization filters are eligible to receive higher risk attributes.
- For vended solutions, the release of certain attributes requires completion of specific contract riders. A list of all required riders are available in the Table.
To register an application with the HarvardKey Authentication Service, please refer to the Protecting Your Application with HarvardKey Services Knowledge Article.
Related Resources