NEWSLETTER
ISSUE #27 | December 5, 2024
SO...much...news!!
We have so much exciting news to share this month. First on our list is our first soft release of Registry v5.0.0. Although this version contains only a select set of features, our planned v5.1.0 is not far behind. Not to be neglected, Registry 4 recently got several new features as well in v4.4.0. Finally, to support all of these exciting developments, we are launching two new support programs to ensure that both the COmanage community and YOU have the support needed to make any implementation a success.
For those who will be attending Technology Exchange in Boston next week, we hope that you will come and find us so we can tell you all about them in person. For now, read on to get the deets!
Open Office Hours LIVE at TechEx - December 8
This month’s Open Office Hours will be held IN PERSON during the Technology Exchange conference in Boston during lunch on Tuesday. In addition to project updates, more information and demos of Registry v5.0.0, and details about our new support programs, we will have time for your questions and discussion as usual.
This session will not be broadcast or recorded, but we will share the slides and will reserve time at our January Office Hours for more discussion.
Tuesday, December 10, 12:10-1:40 PM
Technology Exchange Room: Suffolk (3rd Floor)
(a lunch buffet will be available outside of the room for registered participants)
2024 Topic Aperitif: COmanage Registry 5.0.0 LAUNCH!
During 2024, much of the COmanage Project development team was focused on developing the release of COmanage Registry 5.0.0. At this session, we will discuss what is in this limited-functionality launch and share what is planned for future releases. We will also share information about our two new support programs. See below for more details!
First Stable Release of Registry v5.0.0
The COmanage Project is pleased to announce the first stable release of Registry PE, v5.0.0. This release is intended for select early adopters with compatible use cases. Registry PE v5.0.0 is not at feature parity with Registry v4. In particular, Enrollment Flows will not be available until v5.1.0.
If you will be in Boston next week, come to Open Office Hours LIVE!! to see a demo of this new version. If you are interested in participating as an early tester or early adopter, please let us know via Slack or email. You can also just dive in and let us know how it goes.
The Registry PE (v5) Technical Manual provides additional information about Registry PE, including installation instructions. Note that PE's container support is currently limited. You should be comfortable building your own containers, or you can install directly on a VM or server without using containers.
Funding for Registry PE 5.0.0 (inclusive of the Milestone Releases) has been provided by
- The CILogon Project and the University of Illinois
- Internet2
- SCG Collaboration Group
- Southern Methodist University
- SUNET
- And an additional funder
Registry v4.4.0 Release
On November 19, the COmanage Project announced the release of COmanage Registry version 4.4.0. This release includes several new capabilities and improvements. A sampling of these items:
- Organization Source Plugins - A new plugin type that enables one to add data to Registry about organizations (to complement information about the people associated with these organizations. Sample data sources might be Federation Metadata (MDQ), Research Organization Registry (ROR), and SQL or CSV files for local data sources.
- KdcServer model for integrating with Kerberos KDC servers - a new KDC server configuration enabling connections to a Kerberos key distribution center.
- Eligibility Dashboard Widget Plugin for Self-Service - Enable self-service management of COU memberships.
- Plugin connection with ORCID member API - collect ORCID Member access tokens from users that can be used outside of Registry to read Trusted data from or update ORCID Records.
- Configuration Handler Plugin - a plugin that enables the export and import of Registry CO configurations.
- Fiddle Enroller Plugin - allows an administrator to “fiddle” with enrollment petition data before it is finalized.
See the Release Announcement for a full list of improvements and updates.
A Security Advisory was posted along with this release - details can be found on the COmanage Registry Security Advisories page.
COmanage Registry v4.4.0 was made possible by contributions from several organizations, in addition to ongoing funding via Internet2 and CILogon. The project would like to thank:
- Indiana University (UITS)
- MSU (Humanities Commons)
- NIH NIAID VRO
- SLAC National Accelerator Laboratory
Support for the Community. The OSP.
The Operational Sustainability Programme (OSP) provides funding for the operations and infrastructure work associated with the COmanage Project. This includes bug fixes, release management, documentation, and other tasks necessary to maintain the Project. The OSP works a bit like public radio. We set a fundraising goal and look to members of the community to help reach that goal so that we can keep providing the software that you rely on. SCG manages the OSP on behalf of the COmanage Project. Contributions to the OSP accrue to the benefit of the community.
See the SCG COmanage Project Support page for more details.
Support for the Community. The OSP.
SCG Priority Hours provide "top of the queue" support for subscribers. Available exclusively to OSP Funders, Priority Hours are an optional add-on. While SCG is unable to offer 24x7 operational support, Priority Hours receive the highest internal priority and will generally be placed at the top of the queue for response. Priority Hours may be used for any COmanage-related project, though there are limitations on using them for feature development ("RFEs").
See the SCG COmanage Project Support page for more details.
COmanage Project News
Do you have ideas or news to share? Let us know on the #incommon-comanage slack channel or by emailing Laura!
COMANAGE AT TECHNOLOGY EXCHANGE
Don’t miss these COmanage-related sessions during Technology Exchange this December:
Drinking our own Champagne: How Internet2 itself is leveraging and improving the Trusted Access Platform
TUESDAY, Dec 10 9:00 AM | Salon C/D (4th floor) | Add to calendar
In 2017, Internet2 implemented the InCommon Trusted Access Platform components, COmanage, Grouper, Shibboleth. Midpoint added to production in 2021. These components encompass the Internet2 Identity & Access Management platform, which enables the community to access resources and tools seamlessly using institutional, social, and guest logins. This platform has evolved iteratively since its deployment, with many lessons learned and with Internet2 providing feedback to the component architects to enhance and improve integration of the systems these tools support, including additional development work with Catalyst partners to fill needed gaps. Join us for a brief presentation on the history of the platform followed by a panel discussion of highlights of the features, improvements, and lessons learned as we ventured on a path to “drink our own champagne”.
.
COmanage Open Office Hours LIVE!
TUESDAY, Dec 10, 12:10 PM | Suffolk (4th floor) | Add to calendar
Each month, the COmanage project hosts Open Office Hours. This is a loosely structured, open forum for questions, discussion, and peer sharing among those using or interested in COmanage Registry and/or Match. A short conversation starter (Topic Aperitif) kicks off each session to help get the discussion started.
.
Supporting Science at Scale: CILogon Hosted COmanage for ACCESS
WEDNESDAY, Dec 11, 11:20 PM | Salon C/D (4th floor) | Add to calendar
In 2022, NSF funded the Advanced Cyberinfrastructure Coordination Ecosystem: Services and Support (ACCESS) collaboration to transition from XSEDE in providing cyberinfrastructure for researchers to share computing resources around HPC, HTC, Visualization, Storage, and Data Sources. This presented an immediate challenge in managing credentials for 100,000 registered users with over 30 years of history.
To meet this challenge, and to lay the groundwork for ongoing identity management processes, ACCESS partnered with CILogon to deploy a hosted COmanage Registry instance. Leveraging existing COmanage capabilities such as bulk import, duplicate detection, enrollment flows, identity linking, and credential management, this instance also leverages custom plugins to provide additional ACCESS-specific functionality. SSO across ACCESS sites (including COmanage) is provided by CILogon’s OIDC service.
While this project supports research identity management, many themes of this work apply to enterprise identity management as well. This session will discuss how COmanage Registry and CILogon services were deployed to meet ACCESS requirements for federated identity and identity management at scale, including migration of data from legacy systems, challenges around user education, how this work may influence future product development, and what future capabilities may be deployed to further support ACCESS.
.
Enterprise Case Studies
WEDNESDAY, December 11, 2:40 PM | Salon F (4th floor) | Add to calendar
In this session, we'll delve into case studies from Wake Forest University (WFU) and Southern Methodist University (SMU), demonstrating how they utilized COmanage Registry and Match. We'll explore how these tools addressed broader project objectives, the journey from tool selection to implementation, and valuable insights gained.
Case Studies:
- Banner to Workday Student Information System (SIS) Migration at Wake Forest University
WFU faced a challenge during a recent SIS migration. They required a tool to manage the registry and matching functions previously covered by Banner but not by Workday. Their solution? COmanage Registry. It facilitated the assignment of university ID numbers and unique usernames for all campus systems. To handle duplicates, they used COmanage Match, allowing their admissions staff to identify and match new applicants from Slate with existing individuals in the Wake Forest population. - Self-service registration for Continuing and Professional Education (CAPE) at Southern Methodist University
While updating CAPE's registration processes, SMU needed to assign NetIDs to their guest population and manage information provisioning for student registration and learning systems access. The tool that rose to the task? COmanage Registry.
In addition to these launched projects, we'll also discuss future plans for utilizing these tools.
That’s it for this month’s newsletter. We hope to see you during our next open office hours!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.