Action required to continue accessing applications which use Michigan Medicine SAML/SSO Identity Provider Service before March 4, 2022

02/21/2022

This message is intended for HITS staff whose applications use the Michigan Medicine SAML/SSO Identity Provider service (weblogin.med.umich.edu).

 

The production certificate for the Michigan Medicine Web SSO (SAML) / Access Manager / Web login authentication service will expire on Friday, March 4, 2022, and must be replaced before then or logins to the application will fail.

Action Required:

  • Test the application: Replace the old certificate with the new certificate in the application’s SAML configuration, and then try logging into your application. If the login is successful, your application has been successfully updated, and no further action is required for this year’s certificate update.

What to do if login is NOT successful:

  • If the login is unsuccessful, it means that you cannot complete the update until after 5:30 p.m. ET, Wednesday, February 16, when Identity and Access Management (IAM) has finalized Web SSO (SAML) configuration for applications that do not automatically update.
  • Next steps:
    • As of Wednesday, February 16, IAM has finalized its configurations at approximately 5:30 p.m. ET, and IAM will send out an email to you to proceed with testing. To test, replace the old certificate with the new certificate in the application’s SAML configuration, and then try logging into your application.
    • If the login is successful, your application has been successfully updated, and no further action is required for this year’s update.
    • If the login is still unsuccessful, and the application team wants to complete the update immediately:
      • For those teams that want to complete the update later (but no later than Friday, March 4, 2022), please submit a ticket through the Michigan Medicine Help Center (help.med.umich.edu) using the information below to set up a support call with the IAM team.

Certificate change ServiceNow Incident

Submit a ticket through the Michigan Medicine Help Center (help.med.umich.edu) to set up and complete a 30-minute support call with Identity and Access Management (IAM) before Friday, March 4; IAM will use Outlook to schedule the call.  During the call, IAM will assist and coordinate application and certificate changes.  Entries for the Michigan Medicine Help Center (help.med.umich.edu) ticket are provided below:

  • Category:  Service Request
  • Subcategory:  Move/Change/Add
  • Service:  Authentication
  • Service offering:  Web (SSO) SAML Service
  • Assignment group:  Identity and Access Management
  • Short Description:  Application team certificate roll-over support

Additional Support:

  • If you have questions or concerns regarding this message, submit a ticket via the Michigan Medicine Help Center (help.med.umich.edu) to the group "Identity and Access Management.”
Services & Support