Identity Governance for Higher Education.
Identity Governance for higher education — designed for the eduPerson schema, FERPA access controls, sponsored guest provisioning, semester-boundary role transitions, and federated identity within the InCommon Research & Scholarship category.
Drivers in higher education
- FERPA access controls on student educational records
- eduPerson schema integration (eduPersonAffiliation, eduPersonScopedAffiliation)
- Semester-boundary role transitions (alumni, prospective, current student)
- Sponsored guest provisioning (visiting scholars, contractors)
Regulations this combination must satisfy.
- FERPA
- GLBA (financial aid scope)
- State data protection laws (BIPA in IL, CA SB-1424)
Patterns we actually ship for higher education.
- Pattern · 01
Banner / PeopleSoft / Workday Student integration for source-of-record
- Pattern · 02
Affiliation-based role engineering rather than identity-based
- Pattern · 03
eduPerson SCIM extension for federated SP provisioning
- Pattern · 04
Sponsored-guest lifecycle with named sponsor + automatic expiry
Common questions.
How do you handle the eduPerson schema?+
eduPerson scoped affiliation is the higher-ed extension to standard SCIM. We provision affiliations ([email protected], [email protected]) rather than just identities, which lets downstream applications make role decisions.
Do you support InCommon federation?+
Yes — Shibboleth, eduGAIN, and InCommon Research & Scholarship category federation. Often pairs with our Identity Federation practice for SP-side onboarding.
Ready to scope Identity Governance for Higher Education?
Two-week diagnostic. Audit-ready artifacts. Same engineers from discovery through handoff.