NEWSLETTER
ISSUE #19 | February 29, 2024
Training and Feedback
Yes, it has been a long time since we sent our newsletter. As you know, the COmanage project is supported by individual contributors. While we have been able to continue our development and software support activities, some personal obligations have made it temporarily difficult for us to keep up with these communications. Fortunately, things are now back on track, and we expect to continue as we had. Today, we’re sharing two other activities that will resume in March: Open Office Hours and COmanage Training.
Open Office Hours - March 8
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, February March 8 at 12:00 PM (America/New York)
(no registration necessary)
https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09
2024 Topic Aperitif: COmanage Registry 5.0 Update
Much of the COmanage Project development team is focused on development toward the release of COmanage Registry 5.0. We will kick off each of the Office Hours in 2024 with a brief update on the latest developments.
Training - Register by March 12, 5:00 PM ET!
InCommon will offer COmanage Training for both Registry and Match the week of March 25, 2024. Be sure to register early - courses will be canceled if too few learners sign up.
COmanage Registry - March 26-27 | REGISTER
Learn how to set up and administer COmanage Registry with this hands-on course. Follow the three common use cases to understand how to maximize your tool use: Enterprise Registry, Virtual Organization Registry, and Guest Registry. This workshop covers
- Getting Started - An overview of COmanage Registry and hands-on exercises to set up your virtual machine for the Workshop.
- People - COmanage Registry is a registry for people. In this topic, you will learn how people are represented within Registry and how to link data from your external systems to create an aggregate view of person data.
- Structure - The structures used to manage organizational, role, and/or access groups within Registry.
- IDs and Authenticators - Create and link identifiers and authenticators to the people represented in Registry.
- Enrollment Flows - Create and customize enrollment workflows to add and update data about the people represented in Registry.
- Provisioning - Provision data from Registry into external systems to enable authorization decisions, system-to-system data sharing, and system connections.
COmanage Match - March 28 | REGISTER
Learn how to use de-duplicate your population data using a heuristic matching tool. Match can be used standalone or integrated into Registry. This hands-on workshop will provide you the basics of developing and testing matching rules and strategies for testing these rules. This workshop also reviews how to use the Match API that you will use to integrate Match with your own tools. This workshop covers:
- Getting Started — This module briefly introduces COmanage Match. It explores what we mean by managing duplicates and outlines the capabilities and structure of COmanage Match to address duplicates.
- Sources — This module reviews how to link sources that contain records you want to compare using Match. It includes configuring the Systems of Record and the methods for adding records to Match.
- Attributes — Each system of record (SoR – aka, source system) you connect to COmanage Match contains multiple records. Each of these records describes a data subject. One of the first things you need to do in planning your strategy for matching records across various sources of record is to establish what attributes (fields) about the data subject you will use to determine matches.
- Rules — COmanage Match uses a set of rules to determine matches. You configure these rules to indicate either exact (canonical) or potential matches based on a comparison of attributes already present in the records of your Matchgrid compared with those of a new Record being analyzed. In these lessons, you will learn how to configure your rules for the sources in your Matchgrid.
- Testing— It is difficult to fully anticipate how your match rules will behave without testing them. Your tests will reveal additional considerations based on the data that you are likely to find in your source data and how the rules are configured. In these lessons, you will learn how to build test sets and use them to evaluate how your match rules will perform on the type of data that you will be evaluating.
- Resolve Matches — Your rules will not always present exact matches; some will need to be resolved by a person. This lesson will describe resolving potential matches in the COmanage Match interface and will discuss how the COmanage Match API can be used to resolve matches in other ways, for example, synchronous matching at the time of record creation or resolution using an interface in another tool including one that you may build yourself.
COmanage News
Do you have ideas or news to share? Let us know on the #incommon-comanage slack channel or by emailing Laura!
CHAT WITH BENN AT COMMUNITY EXCHANGE
The COmanage project architect, Benn Oshrin, will be at Community Exchange next week in Chicago. Be sure to catch up with him to chat about the project or even to just say, “hi”!
That’s it for this month’s newsletter. We hope to see you during our next open office hours!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
@ Technology Exchange
September 19, 2023
Attending TechEx this week?
We hope to see you for the COmanage Project sessions this week.
Open Office Hours LIVE!
TODAY, Tuesday 12:30
Orchestra D, 2nd-floor
Topic Aperitif: Release of Registry 5.0! Learn the latest about the project including the first release of the new version. Pick up your lunch just outside of the room.
Help shape the next COmanage Registry
Wednesday 12:30
Rochester Room, 3rd floor
Join us for a participatory session as we work together in shaping the next version of Registry. You do not need to be a current user to attend this session.
COmanage Match This!
Wednesday 1:40
Minneapolis B, 3rd floor
Do you have challenges with de-duplicating your data? Join us for this discussion about the use cases and how Match might help.
About The COmanage Project
COmanage is an Open Source Project focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #18 | July 30, 2023
We're back!
Our sincere apologies for the hiatus in sending our newsletter and hosting open office hours. Circumstances out of our control had our team members attending to other critical tasks, and our monthly communication suffered as a result. But the good news is that we now have so much more to share with you!!
Open Office Hours - September 1
Open Office Hours will RESUME in September!! Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Fri, SEP 1 9:00 AM ET | 12:00 PM PT | 16.00 UTC
(no registration necessary)
https://internet2.zoom.us/j/81517628065?pwd=YllHUEJnSTF5U0FNbDQvSEQ4c0tmdz09
IN YOUR TIMEZONE & link for your calendar
September’s Topic Aperitif: COmanage Registry 5.0 is coming!!
Registry 5.0 (Framework migration) is scheduled to be available in September!! This is your chance to get an update on what is included and ask your questions. There may even be opportunities to influence upcoming functionality!! (NOTE: this topic will be covered in additional depth during Technology Exchange, see below).
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
COMANAGE AT TECHNOLOGY EXCHANGE
Don’t miss these sessions about the COmanage project and tools during Technology Exchange this September:
- Tue, SEP 19, 12:30 PM: COmanage Open Office Hours LIVE
Topic Aperitif: Re-thinking Enrollment Flows
COmanage Registry is undergoing a significant update with version 5.0.0. With a substantial upgrade to the underlying development framework, CakePHP, we are taking the opportunity to review current Registry uses and adjust the code and features to better align with how the system is being used today. For this month’s “topic aperitif,” we will explore how we are rethinking enrollment flows and seek your input and use cases as we start to implement this updated core feature. This session will replace the September virtual event, which will also be offered to online participants.
NOTE: We will repeat this interactive discussion during a regularly-scheduled Office Hours online session for anyone who will not be attending the conference in person.
- Wed, SEP 20, 1:40 PM: COmanage Match This! Early Case Studies
COmanage Match has been available for a little over a year, since July 2022. Its first training class was in March of this year. How are institutions starting to use and build the tool into their data management workflows? During this panel discussion, we will hear from institutions that have started to explore how they will use Match on their campuses. They will share the use cases they have set out to address and what they have been learning along the way.
COmanage Match provides a heuristic-based system for matching identity records across multiple authoritative systems of record. It implements the open Identity Match API standard completed by an InCommon working group in 2018. This flexible tool can be used with an Identity Registry like COmanage Registry, integrated with other systems via its API, or as a standalone service.
COMANAGE MATCH TRAINING
Join us for the full-day COmanage Match training workshop. Developed through generous support from UCSD and offered by InCommon, this hands-on workshop will review how to configure and use COmanage Match, including an overview of the Match API, developing and testing match rules, and thoughtful discussion about your use cases.
WORKSHOP DATE: October 26
REGISTRATION: More information and registration for this virtual workshop can be found at this link.
COMANAGE REGISTRY TRAINING
If you are looking for training for Registry, InCommon is offering the next workshop the same week as for Match. Take the two together or separately.
WORKSHOP DATE: October 24-25
- REGISTRATION: More information and registration for this virtual workshop can be found at this link.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late August.
About The COmanage Project
COmanage is an Open Source Project focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #17 | February 28, 2023
Linking Info
This month we’re trying out an Australia-friendly time for our Open Office Hours. We hope you will join us for an interesting Topic Aperitif about how COmanage and CILogon are being leveraged in several projects in Australia. These projects enable streamlined information sharing and decision making by Data Access Committees, and bring deeper connections between people and the research results and artifacts that they work with.
Open Office Hours - March 2 | 3
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Fri, 3 MAR 3 8:00 AM AEST | Thu, MAR 2 5:00 PM US ET
(no registration necessary)
https://internet2.zoom.us/j/81517628065?pwd=YllHUEJnSTF5U0FNbDQvSEQ4c0tmdz09
IN YOUR TIMEZONE & link for your calendar
Topic Aperitif: COmanage facilitating research
Hear about how COmanage Registry is being leveraged in Australia to support research collaborations and access to data sets. SPEAKER: John Scullen, Australian Access Federation. We will follow this 15 min chat with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
UPCOMING OPEN OFFICE HOURS
Usually, our Open Office Hours are scheduled for the first Friday of the month at noon US ET. We are changing the schedule for the next several events to include some special content:
- Thu, MAR 30 4:00 PM ET: TOPIC: Open topics with the latest training cohort
Click the link above to see the meetings in your time zone and add them to your calendar.
COMANAGE MATCH TRAINING
Join us for our first full-day COmanage Match training. Developed through generous support from UCSD and offered by InCommon, this workshop will review how to configure and use COmanage Match, including an overview of the Match API, how to develop and test match rules, and thoughtful discussion about your use cases.
WORKSHOP DATE: March 30, 11:00-5:00 ET
- REGISTRATION: Registration for this virtual workshop can be found at this link.
COMANAGE REGISTRY TRAINING
If you are looking for training for Registry, InCommon is offering the next workshop the same week as for Match. Take the two together or separately.
WORKSHOP DATE: March 28-29
- REGISTRATION: Registration for this virtual workshop can be found at this link.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late March. We hope to welcome you during our Open Office Hours on March 3rd AEST!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #16 | January 30, 2023
Start with something new!
We started 2023 with new releases to COmanage Registry AND Match! This month we’ll highlight some of the things you can expect to find in these updates and where to go for more information.
Open Office Hours - February 3
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, February 3 at 12:00 PM (America/New York) (no registration necessary)
https://internet2.zoom.us/j/81517628065?pwd=YllHUEJnSTF5U0FNbDQvSEQ4c0tmdz09
IN YOUR TIMEZONE & link for your calendar
Topic Aperitif: The Release Candidate Process
This month both COmanage tools had new releases: Registry 4.1.0 and Match 1.1.0. As part of the new release process, we offer one or more Release Candidates for testing and evaluation. COmanage tools are used in a variety of environments and for a diverse set of use cases. While we test the code that we release, the small open-source development team cannot test for all the conditions for which the tools are used. In this Topic Aperitif, we will open the discussion of the release candidate process and its effectiveness, potentially brainstorming ideas of how the process might be improved. We will follow this 15 min chat with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
Selected New Feature Spotlight
We are excited about the new releases of Registry 4.1.0 and Match 1.1.0. Below are a few favorite new features from the development team:
- Registry: New and Improved Source Plugins
- ApiSource supports multiple roles: This plugin for accepting information from Systems of Record via an API will now accept information about multiple roles for a person in a single request.
- Novi Organizational Identity Source: (NEW) This plugin integrates with the Novi Association Management Software platform using the Novi AMS API.
- SqlSource: (NEW) The SQL Organizational Identity Source plugin is designed to integrate inbound data via a SQL database.
- Match Resolution Endpoint Notification:
- In Match: When a Pending Match Request is resolved, Match can now be configured to send a JSON message to a URL endpoint. This allows automatic business processes to be triggered once a Reconciliation Manager reviews and resolves a Pending Match.
- In Registry: Registry now supports reprocessing of Organizational Identity Source records if a pending match is resolved and a resolution notification is sent via the Match engine (as described above).
- Registry Enrollment Flow Integration with ID Match: Since v3.3.0, Registry has supported record matching using an ID Match server (for example, COmanage Match). The early implementation supported matching through pipelines, the mechanism for connecting data from Systems of Record to CO Person records, the core object within Registry. Registry 4.1.0 also supports the setup of an external match in Enrollment Flows to allow for matches using an ID Match server like COmanage Match.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
COmanage REGISTRY IN THE NEWS
COmanage Registry was mentioned in ACCESS News last week. NSF’s ACCESS (Advanced Cyberinfrastructure Coordination Ecosystem: Services & Support) program builds on the 11-year XSEDE project to provide tools and support for essential computational- and data-intensive research across science and engineering. The ACCESS Operations team selected COmanage Registry and CILogon as their infrastructure tools to manage authentication and access to these important resources.
Read the full article: Safe, Secure, and State-of-the-Art, by Hannah Naughton, NCSA, ACCESS News, Jan 26, 2023
UPCOMING OPEN OFFICE HOURS
Usually, our Open Office Hours are scheduled for the first Friday of the month at noon US ET. We are changing the schedule for the next several events to include some special content:
- Fri, 3 MAR 3 8:00 AM AEST | Thu, MAR 2 5:00 PM US ET: TOPIC: Hear about how COmanage Registry is being leveraged in Australia to support research collaborations. SPEAKER: John Scullen, Australian Access Federation
- Thu, MAR 30 4:00 PM ET: TOPIC: Open topics with the latest training cohort
Click the link above to see the meetings in your time zone and add them to your calendar.
COMANAGE MATCH TRAINING
Join us for our first full-day COmanage Match training. Developed through generous support from UCSD and offered by InCommon, this workshop will review how to configure and use COmanage Match, including an overview of the Match API, how to develop and test match rules, and thoughtful discussion about your use cases.
WORKSHOP DATE: March 30, 11:00-5:00 ET
- REGISTRATION: Registration for this virtual workshop can be found at this link.
COMANAGE REGISTRY TRAINING
If you are looking for training for Registry, InCommon is offering the next workshop the same week as for Match. Take the two together or separately.
WORKSHOP DATE: March 28-29
- REGISTRATION: Registration for this virtual workshop can be found at this link.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late February. We hope to welcome you during our Open Office Hours on February 3rd!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #15 | December 29, 2022
Goodbye 2022
What a year it has been. We have been taking a moment to reflect on the COmanage Project journey this year. And what a journey it has been! We thank the community for their continued inspiration, collaboration, and support throughout the year. We couldn’t have accomplished so many great things without you!
We’ll take an Open Office Hours break in early January, but we will be back at our monthly sessions in February. Happy New Year!
No Open Office Hours This Month
We will be taking a break from office hours in early January but will resume on Friday, February 3, at 12:00 PM (America/New York). Please use the link below to add the event to your calendar:
COmanage 2022 Year in Review
More happened during 2022 than we can fit into a newsletter, but here we share some highlights.
New Version Releases
You can find all of the details of the releases on the COmanage Roadmap page.
- Registry v4.0.2 (Feb)
Bug fixes and corrections on Registry v4.0.0 were released in Oct 2021. - Match v1.0.0 (Jul)
The initial release of COmanage Match. - Registry v4.1.0 RC1 (Dec)
A precursor to the full release of v4.1.0, we shared the first Release Candidate of the update in December. This version will have many new features, including Person Vetting, Enrollment Flow Integration with ID Match, and an ApiSource update to accept multiple roles. You can see a full list of features in the presentation given at Open Office Hours LIVE! last month.
Planning & Execution
We laid a lot of groundwork during 2022 that we expect to leverage next year and beyond.
- Updates to COmanage Project Containers
Led by the Project Container lead, Scott Koranda, we have our first vision, roadmap, and formal planning for how COmanage will manage and evolve containerized packaging. In addition to the planning, this year we migrated container repositories for both Registry and Match to be resident with the code base for each. Execution of this plan will be ongoing throughout 2023. See Container Planning Roadmap for all the details.
- Registry 5.0.0 (PE)
Registry v5+ is a significant update to the code because of a CAKE Framework Migration. We have taken the opportunity to consider how Registry is used today and update it so that the codebase is better positioned for what we plan in the future. Our development cadence is tied to several small “milestone releases.” At the moment, we are on milestone release 7. The Minimal Viable Product release is expected between milestone releases 12 and 13. Both versions 4 and 5 will be supported until version 5 reaches feature equivalency with 4. You can find details about v5 plans in the presentation from Open Office Hours LIVE! last month.
Refreshed Documentation
We started this newsletter both to help communicate new news about COmanage tools, as well as to help highlight information that may have been tucked away in our documentation for some time. We have been building several resources to help you find your way around the documentation, particularly for the new or occasional user.
- Technical Manuals - detailed documentation on the features and
- User Guides - the technical manuals with a bit of context thrown in.
- Community Pages - explore ways to engage with the rest of the community and us. The COmanage Community
- Media resources (new this month). We have updated the format for our media pages, making them easier to use. See the media page for the details about
- Presentations,
- Videos, and
- Other Resources
Training, Presentations, & Events
We value the many times we had opportunities to have voice-to-voice conversations with current and prospective users of COmanage tools. We loved hearing your use cases, questions, suggestions, and stories in many settings:
117
attendees
@ 12 Open Office Hours
(one of them in person!)
46
attendees
@ 3 Registry training sessions
(March, June, November)
AND, lots and lots of attendees from Internet2’s Technology Exchange (Dec)
… and a quick look to the future…
At the last Open Office Hours, the COmanage Project UI/UX lead, Arlen Johnson, provided a preview of a few features of the new Registry interface that is expected with COmanage Registry v5.x.x. We invite you to watch the 3 min video and start getting excited about what the project has in store for 2023.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late January. We look forward to seeing you in the new year.
About The COmanage Project
COmanage is an Open Source Project focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #14 | November 30, 2022
New Things
If you have been curious about the work that the team has been doing on COmanage Registry version 5.0.0, this is your month. Here we highlight some of this work, including what components we have been prioritizing, how we are thinking about the user interface of this new version, and rough ideas about timing. Our Open Office Hours will be LIVE! at Technology Exchange in Denver with a broadcast through zoom for those who won’t be there in person.
Open Office Hours LIVE!! - December 7 (DIFFERENT TIME)
This month we’re taking advantage to our attendance at Technology Exchange in Denver to do a LIVE! version of our monthly Open Office Hours. We will still host our online version, so please join us even if you will not be in Denver this week.
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Wednesday, December 7 at 12:30 PM (America/Denver) (no registration necessary)
LIVE: Director’s Row I, Sheraton Denver Downtown Hotel
ZOOM: https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09
IN YOUR TIMEZONE & link for your calendar
Topic Aperitif: COmanage Registry 5.0.0. (PE)
COmanage Registry is undergoing a significant update with version 5.0.0. With a substantial upgrade to the underlying development framework, CakePHP, we are taking the opportunity to review current Registry uses and adjust the code and features to better align with how the system is being used today. For this month’s “topic aperitif” we will discuss the expected changes, share some exciting functionality and interface updates, and talk about timing. We look forward to your questions, comments, and suggestions, both about this update and any other COmanage topics.
COmanage Registry v5 - Looking good…
We are so excited about the planned UI/UX updates to COmanage Registry. Influenced from feedback from those participating in Registry training, we have been re-thinking the application information to ensure that functionality are grouped in intuitive ways. We have been seeking ways to present information so important items are noticed quickly and easily, and the ability to update and interact with this information is straight-forward.
This one picture of the Registry person canvas inspires many more than a thousand words from us. Tune into Open Office Hours to see a peak of the updates planned for the Person Canvas and the rest of Registry.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
COmanage AT TECHNOLOGY EXCHANGE IN DECEMBER!
We are so excited that several sessions will focus COmanage tools at Internet2’s Technology EXchange this December 5-9 in Denver, CO, USA:
Making it Sticky: Offering Shared Services via InCommon Glue (Newly Added!)
Have services you want to offer schools in your state or region, but it’s tough to manage the individual access details? Want to help your member schools access those shared services and the world of academic collaboration?
The community has news for you! Join us to hear OARnet’s experience this year and learn how the InCommon community has been working on several initiatives to help a diversity of organizations to participate. There are also education programs and partner-provided tools to help bridge the gap. Please join us to explore resources available to support your needs.
Bridging the Divide: Dynamic MFA Using PrivacyIDEA, SATOSA, and COmanage
A growing number of Service Providers (SPs) require their users to sign in using Multi-factor Authentication (MFA) to ensure that SP-provided resources are securely accessed. However, federated Identity Providers (IdPs) are still evolving in their support for MFA. A flexible bridge solution is needed.
To address this challenge, the NIAID Discovery and Collaboration Platform (NDCP) developed a Dynamic MFA solution that uses campus MFA assertions when available and NDCP MFA when not. This solution combines three powerful tools: 1) PrivacyIDEA for token management and runtime authentication, 2) COmanage for NDCP MFA registration when IdPs don't provide MFA, and 3) SATOSA for SAML assertion and flow management. MFA-secured authentication from IdPs can be used directly even if the IdP does not signal it, and can automatically adjust when an IdP starts signaling MFA.
Join us to learn why Dynamic MFA is essential for Virtual Organizations looking to leverage federated MFA, and how to make it work. Presenters will cover implementation and code release, the MFA deployment process, and challenges/lessons learned along the way.
ACAMP: BYOCT
And, of course, we hope to collaborate with you as you Bring Your Own COmanage Topic (BYOCT) to Advanced CAMP - the unconference component of CAMP week at Technology EXchange.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late December. We hope to welcome you during our Open Office Hours on December 7th!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #13 | October 25, 2022
Population Changes
How does your organization manage the IAM changes that come with the changes in roles, status, and affiliation that happen within your registered population? We invite you to take a look at the new wiki page in our COmanage Registry User Guide about offboarding and expiration policies. As you’re pondering this question, consider joining us for Open Office Hours a little earlier than usual (tomorrow!!) We will be welcoming the latest cohort of Registry training workshop participants as we pick topics to discuss in more detail. Finally, mark your calendar to join us at TechEx in December in Denver for Open Office Hours Live! Meet the development team in person and get a peak at the upcoming version of Registry. You won’t want to miss this one!!
Open Office Hours - October 27 (DIFFERENT TIME)
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Thursday, October 27 at 3:00 PM (America/New York) (no registration necessary)
https://internet2.zoom.us/j/81517628065?pwd=YllHUEJnSTF5U0FNbDQvSEQ4c0tmdz09
IN YOUR TIMEZONE & link for your calendar
Topic Aperitif: Pick a Topic
When we teach the COmanage Registry workshop, the last session has participants voting on the topics that they would like to hear more about or that were not covered during training. This month we invite the broader community to join in this tradition, both to hear the topics and to contribute your insights and experiences to the conversation. The topics that are up for consideration are:
- Account Linking
- Duplicate Management
- Extending the COmanage Data Model
- Validating Identifiers
- Creating Message Templates
- More about Plugins
- Registry Jobs
- Status Management
- CO Services
- Intro to the COmanage API
- Overview of COmanage Match
COmanage Registry - Managing Offboarding
Eventually, people that you have registered in your COmanage Registry Collaboration/ Organization will no longer have a connection to part or all of your organization or collaboration. Offboarding is a process for updating these relationships as they evolve. COmanage Registry supports offboarding by allowing one to configure a set of Expiration Policies that manage a person's status and relationship to the representation of your Collaboration/Organization within Registry.
An increasing number of institutions have been exploring how they may leverage tools like Registry to support their Offboarding needs.
Read more about Offboarding in Registry on our new wiki page, Offboarding and Expiration Policies.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
UPCOMING OPEN OFFICE HOURS
The last Open Office Hours for 2022 (and their Topic Aperitifs) are on a different schedule:
- Wed, 7 DEC 12:30 MT: Open Office Hours LIVE! at Technology Exchange. TOPIC: COmanage Registry 5.0.0 (PE) - an early preview!
Click the link above to see the meetings in your time zone and add them to your calendar.
COmanage AT TECHNOLOGY EXCHANGE IN DECEMBER!
We are so excited that several sessions will focus COmanage tools at Internet2’s Technology EXchange this December 5-9 in Denver, CO, USA:
Open Office Hours LIVE! (Newly Added!)
December’s Topic Aperitif: COmanage Registry 5.0.0 (PE)
COmanage Registry is undergoing a significant update with version 5.0.0. With a substantial upgrade to the underlying development framework, CakePHP, we are taking the opportunity to review current Registry uses and adjust the code and features to better align with how the system is being used today. For this month’s “topic aperitif” we will discuss the expected changes, share some exciting functionality and interface updates, and talk about timing. We look forward to your questions, comments, and suggestions, both about this update and any other COmanage topics. This session will be offered in person during a TechEx lunch session as well as our traditional online offering.
Making it Sticky: Offering Shared Services via InCommon Glue (Newly Added!)
Have services you want to offer schools in your state or region, but it’s tough to manage the individual access details? Want to help your member schools access those shared services and the world of academic collaboration?
The community has news for you! Join us to hear OARnet’s experience this year and learn how the InCommon community has been working on several initiatives to help a diversity of organizations to participate. There are also education programs and partner-provided tools to help bridge the gap. Please join us to explore resources available to support your needs.
Hands-on Introduction to COmanage Match
In this tutorial, you will learn how to set up matching rules, how to use dictionaries to set up more sophisticated matches, and techniques for testing and refining your match rules. Each participant will need a device with web browser capability. Tutorial limit: 20 participants.
Bridging the Divide: Dynamic MFA Using PrivacyIDEA, SATOSA, and COmanage
A growing number of Service Providers (SPs) require their users to sign in using Multi-factor Authentication (MFA) to ensure that SP-provided resources are securely accessed. However, federated Identity Providers (IdPs) are still evolving in their support for MFA. A flexible bridge solution is needed.
To address this challenge, the NIAID Discovery and Collaboration Platform (NDCP) developed a Dynamic MFA solution that uses campus MFA assertions when available and NDCP MFA when not. This solution combines three powerful tools: 1) PrivacyIDEA for token management and runtime authentication, 2) COmanage for NDCP MFA registration when IdPs don't provide MFA, and 3) SATOSA for SAML assertion and flow management. MFA-secured authentication from IdPs can be used directly even if the IdP does not signal it, and can automatically adjust when an IdP starts signaling MFA.
Join us to learn why Dynamic MFA is essential for Virtual Organizations looking to leverage federated MFA, and how to make it work. Presenters will cover implementation and code release, the MFA deployment process, and challenges/lessons learned along the way.
ACAMP: BYOCT
And, of course, we hope to collaborate with you as you Bring Your Own COmanage Topic (BYOCT) to Advanced CAMP - the unconference component of CAMP week at Technology EXchange.
That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late November. We hope to welcome you during our Open Office Hours on October 27th!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #12 | September 29, 2022
Taking a Closer Look
This month we invite you to take a closer look. Our Open Office Hours Topic Aperitif features an exploration of the container packaging documentation, an essential resource to ensuring that your Registry and Match installations are just as you want them. We also zoom in on a new feature for Registry 4.1, Person Vetting, which is useful for background checks and compliance. In our News section, note the different dates and times for the last two Open Office Hours for the year, in particular our LIVE! one in December at TechEx.
Open Office Hours - October 7
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, October 7 at 12:00 PM (America/New York) (no registration necessary)
https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09
IN YOUR TIMEZONE & link for your calendar
October's Topic Aperitif: COmanage Packaging
This month we will spend some time exploring the container packaging for the COmanage Project tools. Scott Koranda will review the resources available, and the best ways to use them. We will follow this 15 min chat with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
COmanage Registry Person Vetting
Soon-to-be-released Registry v4.1.0 introduces the concept of Vetting, where a CO Person can be reviewed via one or more vetting processes (called Vetting Steps). Vetting is useful for purposes such as background checks or compliance, for example, checking a person’s home/business country of residence against a dictionary list of State Sponsors of Terrorism. Vetting Steps can be run on demand, or as part of an Enrollment Flow.
Vetting Steps can be configured for automatic or manual processing, and are implemented via Vetting Plugins. Vetting Steps are configured at the CO level, meaning in the current implementation the same Vetting Steps are applied to all members of the CO, regardless of COU memberships or other considerations. The data used for Vetting is specific to each Plugin.
Read more about Person Vetting in the COmanage Wiki.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
UPCOMING OPEN OFFICE HOURS
The last Open Office Hours for 2022 (and their Topic Aperitifs) are on a different schedule:
- Thu, 27 OCT 3:00 ET: TOPIC: Pick a topic, with the latest training cohort
- Wed, 7 DEC 12:30 MT: Open Office Hours LIVE! at Technology Exchange. TOPIC: COmanage Registry 5.0.0 (PE) - an early preview!
Click the links above to see the meetings in your time zone and add them to your calendar.
COmanage REGISTRY TRAINING
Early bird rates end SEP 30! A COmanage Registry training workshop will be held on October 25-27. Learn the basics of administering Registry including connections to Source data, enrolling your population, passing information from Registry to your other systems, and lifecycle management. Register now. (The next Registry training workshop will be offered in Spring 2023)
COmanage AT TECHNOLOGY EXCHANGE IN DECEMBER!
We are so excited that several sessions will focus COmanage tools at Internet2’s Technology EXchange this December 5-9 in Denver, CO, USA:
Open Office Hours LIVE! (Newly Added!)
December’s Topic Aperitif: COmanage Registry 5.0.0 (PE)
COmanage Registry is undergoing a significant update with version 5.0.0. With a substantial upgrade to the underlying development framework, CakePHP, we are taking the opportunity to review current Registry uses and adjust the code and features to better align with how the system is being used today. For this month’s “topic aperitif” we will discuss the expected changes, share some exciting functionality and interface updates, and talk about timing. We look forward to your questions, comments, and suggestions, both about this update and any other COmanage topics. This session will be offered in person during a TechEx lunch session as well as our traditional online offering.
Making it Sticky: Offering Shared Services via InCommon Glue (Newly Added!)
Have services you want to offer schools in your state or region, but it’s tough to manage the individual access details? Want to help your member schools access those shared services and the world of academic collaboration?
The community has news for you! Join us to hear OARnet’s experience this year and learn how the InCommon community has been working on several initiatives to help a diversity of organizations to participate. There are also education programs and partner-provided tools to help bridge the gap. Please join us to explore resources available to support your needs.
Hands-on Introduction to COmanage Match
In this tutorial, you will learn how to set up matching rules, how to use dictionaries to set up more sophisticated matches, and techniques for testing and refining your match rules. Each participant will need a device with web browser capability. Tutorial limit: 20 participants.
Bridging the Divide: Dynamic MFA Using PrivacyIDEA, SATOSA, and COmanage
A growing number of Service Providers (SPs) require their users to sign in using Multi-factor Authentication (MFA) to ensure that SP-provided resources are securely accessed. However, federated Identity Providers (IdPs) are still evolving in their support for MFA. A flexible bridge solution is needed.
To address this challenge, the NIAID Discovery and Collaboration Platform (NDCP) developed a Dynamic MFA solution that uses campus MFA assertions when available and NDCP MFA when not. This solution combines three powerful tools: 1) PrivacyIDEA for token management and runtime authentication, 2) COmanage for NDCP MFA registration when IdPs don't provide MFA, and 3) SATOSA for SAML assertion and flow management. MFA-secured authentication from IdPs can be used directly even if the IdP does not signal it, and can automatically adjust when an IdP starts signaling MFA.
Join us to learn why Dynamic MFA is essential for Virtual Organizations looking to leverage federated MFA, and how to make it work. Presenters will cover implementation and code release, the MFA deployment process, and challenges/lessons learned along the way.
ACAMP: BYOCT
And, of course, we hope to collaborate with you as you Bring Your Own COmanage Topic (BYOCT) to Advanced CAMP - the unconference component of CAMP week at Technology EXchange.
That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late October. We hope to welcome you during our Open Office Hours on October 7th!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #11 | August 26, 2022
Summer Fun
This month we will take a small break in our programming during Open Office Hours to accommodate those who may be taking a long US Labor Day holiday. Hopefully, you still will join us for some ice cream trivia fun as an ice (cream) breaker to our COmanage questions and discussion. COmanage-specific Topic Aperitifs will return next month. In this newsletter, we share how we plan for containerized versions of COmanage. Also, check out the News section that outlines our plans for connecting with the community through the end of the calendar year.
Open Office Hours - September 2
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, September 2 at 12:00 PM (America/New York) (no registration necessary)
https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09
IN YOUR TIMEZONE & link for your calendar
September's Topic Aperitif: End of Summer Fun
In many countries, the end of summer is near. In the United States, Labor Day Weekend (which starts the Saturday after Open Office Hours) is the unofficial last weekend of Summer. Given the US holiday, we thought that participation may be light this month. Rather than fielding the “will this be recorded” questions from those who will be taking some time off, our “topic aperitif” this month is a small homage to summer with a very short Ice Cream Trivia quiz game. Who will play it cool and who will become legend-dairy? As always, we will follow this 15 min intro with topics of your choosing. Bring your questions, comments, and suggestions about any COmanage topic to office hours with the project team.
COmanage Container Planning
If you use containerized versions of COmanage Registry (or Match), you might be wondering what guiding principles the COmanage project uses for developing and maintaining containers, and what the vision is for evolving and supporting containerized packaging. For the answers, we point you to the COmanage Container Roadmap that describes the guiding rationale and plan for building COmanage containers.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
UPCOMING OPEN OFFICE HOURS
The final three Open Office Hours for 2022 (and their Topic Aperitifs) will be on a different schedule. Approximate timing is listed below; links for your calendar will be provided in next month's newsletter:
- OCT: week of 3 Oct (TBD) - Topic: Community Sharing TBA
- NOV: Thu, 27 Oct (NEW DAY!) - Topic: Open topics with the latest training cohort
- DEC: Open Office Hours LIVE! at Technology Exchange. (we’ll use zoom for those participating remotely) Date & time to come once assigned.
COmanage AT TECHNOLOGY EXCHANGE IN DECEMBER!
We are so excited that we will be presenting at Internet2’s Technology EXchange this December 5-9 in Denver, CO, USA:
Hands-on Introduction to COmanage Match
In this tutorial, you will learn how to set up matching rules, how to use dictionaries to set up more sophisticated matches, and techniques for testing and refining your match rules. Each participant will need a device with web browser capability. Tutorial limit: 20 participants.
Bridging the Divide: Dynamic MFA Using PrivacyIDEA, SATOSA, and COmanage
A growing number of Service Providers (SPs) require their users to sign in using Multi-factor Authentication (MFA) to ensure that SP-provided resources are securely accessed. However, federated Identity Providers (IdPs) are still evolving in their support for MFA. A flexible bridge solution is needed.
To address this challenge, the NIAID Discovery and Collaboration Platform (NDCP) developed a Dynamic MFA solution that uses campus MFA assertions when available and NDCP MFA when not. This solution combines three powerful tools: 1) PrivacyIDEA for token management and runtime authentication, 2) COmanage for NDCP MFA registration when IdPs don't provide MFA, and 3) SATOSA for SAML assertion and flow management. MFA-secured authentication from IdPs can be used directly even if the IdP does not signal it, and can automatically adjust when an IdP starts signaling MFA.
Join us to learn why Dynamic MFA is essential for Virtual Organizations looking to leverage federated MFA, and how to make it work. Presenters will cover implementation and code release, the MFA deployment process, and challenges/lessons learned along the way.
That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late September. We hope to see you at our Open Office Hours on September 2nd!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #10 | July 29, 2022
It's All About the Match
It’s here! The long-awaited COmanage Match v1.0.0 has been released! There has been so much interest in Match that we decided to dedicate this month’s newsletter to it. Come by next week to see Match in action during our Open Office Hours. Take a look at our documentation. And, follow some useful links that we have included. We can’t wait to hear what you think!
Open Office Hours - August 5
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, August 5 at 12:00 PM (America/New York) (no registration necessary)
https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09
IN YOUR TIMEZONE & link for your calendar
August's Topic Aperitif: Meet Your Match
COmanage Match has been much anticipated and is already being piloted by some organizations. Match provides an engine to help manage potential duplicates in your person (or other) registry. For this month’s “topic aperitif” we will do a show & tell of COmanage Match and its integration with Registry. We will follow this 15 min chat with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
Getting Started with Match
To complement the Match Technical Manual, we have added several pages to our wiki to help those less familiar with COmanage to navigate the available information. This Match User Guide provides additional context that is useful in getting to know the capabilities of Match. We welcome your questions and suggestions for additional resources to include.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
COmanage AT TECHNOLOGY EXCHANGE IN DECEMBER!
We are so excited that we will be presenting at Internet2’s Technology EXchange this December 5-9 in Denver, CO, USA:
Hands-on Introduction to COmanage Match
In this tutorial, you will learn how to set up matching rules, how to use dictionaries to set up more sophisticated matches, and techniques for testing and refining your match rules. Each participant will need a device with web browser capability. Tutorial limit: 20 participants.
Bridging the Divide: Dynamic MFA Using PrivacyIDEA, SATOSA, and COmanage
A growing number of Service Providers (SPs) require their users to sign in using Multi-factor Authentication (MFA) to ensure that SP-provided resources are securely accessed. However, federated Identity Providers (IdPs) are still evolving in their support for MFA. A flexible bridge solution is needed.
To address this challenge, the NIAID Discovery and Collaboration Platform (NDCP) developed a Dynamic MFA solution that uses campus MFA assertions when available and NDCP MFA when not. This solution combines three powerful tools: 1) PrivacyIDEA for token management and runtime authentication, 2) COmanage for NDCP MFA registration when IdPs don't provide MFA, and 3) SATOSA for SAML assertion and flow management. MFA-secured authentication from IdPs can be used directly even if the IdP does not signal it, and can automatically adjust when an IdP starts signaling MFA.
Join us to learn why Dynamic MFA is essential for Virtual Organizations looking to leverage federated MFA, and how to make it work. Presenters will cover implementation and code release, the MFA deployment process, and challenges/lessons learned along the way.
Moment of Zen: Now for something a little different...
Since we’ve spent much of this newsletter talking about COmanage Match we thought a change in pace would be fun with a Spot the Differences game! Take a look at the picture below where there are over 15 differences. Can you find them all? Hints and solutions (hover over the photo at the solutions link) can be found on the Flickr site.
CC BY-NC-SA 2.0: Spot the Difference. Caroline. 2013-Feb-18. Fickr. https://flic.kr/p/dVQwna
That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late August. We hope to see you at our Open Office Hours on August 5th!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #9 | June 29, 2022
Welcome!
Today we’re welcoming the latest cohort of COmanage Registry workshop participants. We hope that you’ll join us for the open office hours (at a new time this month), to help welcome them to the community. We have been busy this month with plenty of meetings and travel. We’re looking forward to sharing more about what we’ve learned next month!
Open Office Hours - June 30 (THURSDAY)
NOTE: Open Office Hours will be on a different day of the week and time this month.
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
THURSDAY, June 30 at 2:00 PM (America/New York) (no registration necessary)
https://us06web.zoom.us/j/84743471575?pwd=d29QNFM1KzEwUFZvRFg0enJ1dlNmQT09
IN YOUR TIMEZONE & link for your calendar
Note the new zoom link…
June's Topic Aperitif: Pick a topic
When we teach the COmanage Registry workshop, the last session has participants voting on the topics that they would like to hear more about or were not covered during training. This month we invite the broader community to join in this tradition, both to hear the topics and to contribute your insights and experiences to the conversation. The topics that are up for consideration are:
- Account Linking
- Duplicate Management
- Extending the COmanage Data Model
- Validating Identifiers
- Creating Message Templates
- More about Plugins
- Registry Jobs
- Status Management
- CO Services
- Intro to the COmanage API
- Overview of COmanage Match
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
COmanage REGISTRY HIGHLIGHTED AT BaseCAMP
During InCommon’s BaseCAMP this month, Registry was highlighted during the Registry 201 talk. You can see copies of the slides in the wiki.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late July. We hope to see you during our Open Office Hours on June 30th!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
NEWSLETTER
ISSUE #8 | May 30, 2022
This and That
In this month’s newsletter, we have a little of this and a little of that to share. We will be welcoming LIGO to our Open Office Hours to share their experience with building and using a custom Registry plugin. We also share an excerpt from our Help & Support page, How to File a Bug Report. Finally, in June we will have a bonus training session for COmanage Registry and will be changing the date of next month’s Open Office Hours to include this new training cohort.
Open Office Hours - June 3
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, June 3 at 12:00 PM (America/New York) (no registration necessary)
https://illinois.zoom.us/j/84190579924?pwd=a1R6Q3VjWi92SHRETlVDMEthZVJYZz09
IN YOUR TIMEZONE & link for your calendar
June's Topic Aperitif: LIGO EffortManager
This month we will hear about the custom plugin, EffortManager, that was developed and is used by the LIGO Scientific Collaboration (LSC). EffortManager is used to enter the number of research effort hours spent by investigators. This information is tracked per individual (via a co_person role in COmanage) and is used to determine authorship privileges within the LIGO collaboration. The EffortManager plugin uses techniques that would be of interest to many plugin types: it is integrated with the menus, has context-sensitive rendering, and is called from enrollment flows. Come hear about this great project from Mike Manske, Associate Scientist at UWM Center for Gravitation, Cosmology, and Astrophysics and a member of the LIGO Scientific Collaboration (LSC). After this 15 min chat, we’ll continue with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
How to File a Bug Report
This section is an excerpt from our Help & Support wiki page. Please refer to the page for more detailed instructions.
Bugs happen, and we want to know when they do! Given the large number of use cases that are addressed by COmanage, it is quite difficult to test for every prospective bug that could exist in the code. As a result, day-to-day users of COmanage may discover features that are not behaving as they should. What should you do in these situations? We’re glad you asked!
CHECK. When you first recognize a problem, a great starting point is to check the list of reported issues in the COmanage Issue Tracker to see if someone else has already reported the issue.
REPORT. If the issue you have discovered has not been reported, you can make a new one by signing into the Issue Tracker and creating a new detailed issue.
STAY INVOLVED. If you are able, consider submitting a patch to address the issue that you found. Or minimally you can “watch” the issue that you submitted so that you receive notifications when it is updated.
We look forward to your bug reports!
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
Training in June!
There is still time to sign up for training. A COmanage Registry training workshop has been added to the calendar for June 28-30. Learn the basics of administering Registry including connections to Source data, enrolling your population, passing information from Registry to your other systems, and lifecycle management. Register now. (The next training workshop will be offered in October 2022)
CHANGE: New Day for the Next Open Office Hours
Mark your calendar. After this week, the next Open Office Hours will be on Thursday, June 30 at 2:00 Eastern (NYC) instead of that week’s Friday. This change is so that the office hours are coordinated with the next training session so that this new cohort can join us. Come and welcome them to the user community!
Moment of Zen: The Solstice is Coming!
Travel and weather have been topics of conversation during our conference calls lately. For this month’s “moment of zen” we’re sharing some fun facts about the upcoming solstice. (An excerpt from Mental Floss.)
- The name comes from the fact that the Sun appears to stand still. The term solstice is derived from the Latin words sol (Sun) and sistere (to stand still), because the Sun's relative position in the sky at noon does not appear to change much during the solstice and its surrounding days. The rest of the year, the Earth's tilt on its axis—roughly 23.5 degrees—causes the Sun's path in the sky to rise and fall from one day to the next.
- One of the world's biggest bonfires was part of a summer solstice celebration. Cultures around the world have held celebrations in conjunction with the solstice for hundreds of years. Among these is Midsummer, which is celebrated on June 24 in Scandinavia and other northern European countries. In 2016, the people of Ålesund, Norway, set a world record for the tallest bonfire with their 155.5-foot celebratory blaze (their record was broken in 2019 by Austrian Carnival festivities).
- Thousands of people gather at Stonehenge to celebrate the summer solstice. People have long believed Stonehenge was the site of ancient druid solstice celebrations because of the way the Sun lines up with the stones on the winter and summer solstices. While there's no proven connection between Celtic solstice celebrations and the megalithic monument, these days, thousands of modern pagans gather at the landmark to watch the sunrise on the solstice.
- The ancient Chinese honored the yin on the summer solstice. In ancient China, the summer solstice was the yin to the winter solstice's yang—literally. Throughout the year, the Chinese believed, the powers of yin and yang waxed and waned in reverse proportion to each other. At the summer solstice, the influence of yang was at its height, but the celebration centered on the impending switch to yin. At the winter solstice, the opposite switch was honored.
- The summer solstice marks a dark time in science history. Legend has it that it was on the summer solstice in 1633 that Galileo Galilei was forced to recant his declaration that the Earth revolves around the Sun; even with doing so, he still spent the rest of his life under house arrest.
That’s it for this month’s newsletter. Keep an eye out for our next one scheduled for late June. We hope to see you during our Open Office Hours on June 3rd!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
Want to receive this information via email?
Subscribe to one of the COmanage mailing lists!
See the COmanage Email Lists wiki page for more details.
NEWSLETTER
ISSUE #7 | April 30, 2022
The COmanage Community
One of our favorite parts about working on COmanage is the rich discussions and collaborations that we have with the community members. This group makes COmanage possible and inspires and drives the impact of the software, both in the offered features and how COmanage is used. This month features an Open Office Hours discussion from CILogon, which maintains one of the largest COmanage installations, and an updated wiki landing page for our community resources.
Open Office Hours - May 6
Do you have a question about deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!); just show up! A short conversation starter kicks off each session to help get the discussion started.
Friday, May 6 at 12:00 PM (America/New York) (no registration necessary)
https://illinois.zoom.us/j/84190579924?pwd=a1R6Q3VjWi92SHRETlVDMEthZVJYZz09
IN YOUR TIMEZONE & link for your calendar
May's Topic Aperitif: CILogon
CILogon provides a hosted, integrated, and open source identity and access management platform for research collaborations, combining federated identity management with collaborative organization management provided by COmanage Registry. Learn about the great work of CILogon during this 15 min chat, after which we’ll continue with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
COmanage Community and Resources
Over the past several months, we have been adding pages to the COmanage wiki to help bundle related information with additional context on how these pieces are related. We are hoping that, in particular, those newer to COmange will find these pages helpful in discovering the rich information in the wiki. This month we added a page to highlight the wiki resources available to support the COmanage Community.
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
Match 1.0.0 - RC3 is available
We published Release Candidate 3 on Friday, April 29. We encourage those exploring Match for its first release to install this version. Please report any issues via JIRA or Slack. We expect to release RC4 or 1.0.0 final around mid-May, depending on what we hear back.
Getting the Latest Version
- Release Candidate:
https://github.internet2.edu/COmanage/match/releases/tag/1.0.0-rc3 - TAP Container Version:
https://spaces.at.internet2.edu/display/ITAP/InCommon+Trusted+Access+Platform+Release
Installation Information
- Installation & Configuration Information:
https://spaces.at.internet2.edu/display/COmanage/COmanage+Match+Technical+Manual - Information for Updating from Previous Versions:
https://spaces.at.internet2.edu/display/COmanage/Upgrading+Match
FAQ: Most Asked? CO vs COU
The number one question that we are asked about COmanage once folks start to use it is the difference between the CO and COU objects and when to use each. While many organizations have natural subdivisions within them, the reason that you would divide your CO into COUs is that there are differences across your CO that necessitate different policies in one or more of the following:
- How individuals join and/or leave
- Differing rules about how applications get provisioned or de-provisioned
- Who manages person membership and privileges
- The information stored or used about members
Basically, if your collaboration, a single entity with common goals, has unique requirements among the different groups and/or departments regarding how participants will join those parts of your collaborations, then, you have a CO that contains COUs. If you have only one common set of policies that define how individuals are added or removed from the CO, then you do not have COU even though you may have groups for simple access control.
Want to learn more? We encourage you to head to our wiki for a deeper explanation and a use case.
That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late May. We hope to see you during our Open Office Hours on May 6th!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
Want to receive this information via email?
Subscribe to one of the COmanage mailing lists!
See the COmanage Email Lists wiki page for more details.
NEWSLETTER
ISSUE #6 | March 24, 2022
Making COmanage Yours
COmanage is SO configurable. This both gives it its powerful flexibility AND sometimes confusing complexity. On the POWERFUL side, there are many ways that you can customize COmanage for your needs from special behaviors, to the attributes collected, to the way that the COmanage applications look and behave. In this month’s newsletter, we highlight some ways that you can make COmanage uniquely your own.
Open Office Hours - April 1
Do you have a question on deploying or configuring Registry or Match? Want to get some input on a solution architecture design? Want to hear how your colleagues in the community are solving problems similar to yours? Each month you can bring your topics for discussion to the call. No need to register or spin up a presentation (but feel free if it suits you!), just show up! Each session is kicked off by a short conversation starter to help get the discussion started.
Friday, April 1 at 12:00 PM (America/New York) (no registration necessary)
https://illinois.zoom.us/j/84190579924?pwd=a1R6Q3VjWi92SHRETlVDMEthZVJYZz09
IN YOUR TIMEZONE & link for your calendar
April's Topic Aperitif: Getting Personal(ized) with Themes
Even if you love the default COmanage Registry interface, you may want to make changes in how it looks, perhaps to match the look and feel of your organization’s website. For this month’s “‘topic aperitif” Arlen Johnson, resident UI/UX lead at the COmanage Project, will share a demonstration of how themes can change your end user’s experience with COmanage. Get your theming tips and tricks during this 15 min chat, after which we’ll continue with topics of your choosing. Bring your questions, comments, and suggestions about any topic to office hours with the COmanage project team.
Personalizing COmanage
The look and feel of the user interface with themes is not the only way that you can personalize the system for your needs. COmanage personalization features include:
- Themes - make the COmanage sites look and feel like your other sites.
- Dashboards - highlight the functions and information that you want your users to focus on.
- Message templates - create reusable email templates that can be personalized for recipients.
- Localization - for language or to change how things are labeled within the interface. This feature can be used to change the spoken language used for the entire interface or to change a few terms used specifically at your organization.
- CO navigation links - Want to link to other sites from COmanage? This feature is for you!
- Dictionaries - Customizable lists of words or terms that can be (re)used throughout the Registry. These are often used with Attribute Enumerations.
- Attribute enumerations - The ability to change free-form fields to be constrained to a selection of pre-determined values.
- Self-service permissions - With this feature, you can enable your COmange users to manage attributes that may be stored about themselves within COmanage.
You can learn more about each of these features on the new Personalizing COmanage Registry wiki page.
Feel free to bring your questions and use cases repeated to customization to office hours!
COmanage News
This newsletter section is designed to provide additional transparency on the day-to-day workings of COmanage. Have ideas about other information that we should be including? Let us know on the #incommon-comanage slack channel or by emailing Laura!
Note for upcoming Registry deployments using MySQL
If you are newly deploying COmanage and are planning to use MySQL as your database, this note is for you! MySQL versions 8.0.1 or higher are currently incompatible with Registry because of a new MySQL keyword conflict. As a workaround, you can either use an older version of MySQL or use a different database like MariaDB or PostgreSQL.
If this issue is of interest to you, we encourage you to watch Jira issue CO-2383. We expect this issue to be addressed in Registry version 4.0.3.
Match 1.0.0 - there will be an RC3
COmanage uses Release Candidates (RCs) to get feedback prior to the official release. Match v1.0.0 has had two RCs, each thoroughly tested by users. Given this feedback, we will release a third RC to test changes made on RC2. We will announce the RC3 release via the comanage-announce mailing list.
Moment of Zen: Gear Facts
The COmanage logo consists of three gears. These gears symbolize how COmanage serves as an engine to provide greater leverage when processing information from external systems and to prepare them for use by other systems. This got us thinking… what don’t we know about gears? Here are a few gear facts from Easy Science for Kids:
- The first gears were wooden and had wooden teeth. They were used in watermills, windmills, etc.
- First of all, metal gears were used in clocks.
- The gears used in cars are called helical.
- When one gear turns, it also turns the other gear.
- Gears are used to generate more speed or power or transmit power from one part of a machine to another part.
- Not all gears are in a circular shape. A few of them have a shape of cone and square as well.
That’s it for this month’s newsletter; keep an eye out for our next one scheduled for late April. We hope to see you at our Open Office Hours on April 1st!
About The COmanage Project
COmanage is an Open Source Project that is focused on streamlining digital lifecycle management for your populations. It consists of two tools: Registry and Match.
COmanage Registry is an identity registry with flexible enrollment and lifecycle management capabilities that helps you meet your identity management objectives using standardized tools and approaches. It can be used as a central person registry, a guest management system, or a collaboration hub for scholarly collaborations.
COmanage Match performs identity de-duplication in order to help minimize the creation of duplicate accounts for the same individual. It provides a heuristic-based system for matching identity records across multiple authoritative systems of record. Match can be used with Registry or as a standalone product complementary to your other tools.
Learn more about the project and its supporters at https://incommon.org/software/comanage/.
Want to receive this information via email?
Subscribe to one of the COmanage mailing lists!
See the COmanage Email Lists wiki page for more details.