Shibboleth Authentication (sso.kenyon.edu)

Shibboleth is Kenyon's authentication system to log into online resources. When you log into a web resource protected by shibboleth, you are automatically redirected to Kenyon's shibboleth server, sso.kenyon.edu, to log in. The login page looks like this:

Shibboleth Login

After you log in, you are automatically redirected back to the online resource you requested.

FAQ

How do I log out of shibboleth?

Your shibboleth authentication session will time out after 30 minutes. To log out of shibboleth you must close all browser windows and tabs.

Is my password shared with the service provider I'm logging in to? 

No. Your password is validated by Kenyon's shibboleth server.

What is sent to the service provider?

Your name and uesrname is sent to the service provider. The service provider uses that information to customize your experience and level of access.

How do I know I'm logging into the real shibboleth site and not a fake page trying to steal my password

The address bar at the top of the page should show you are connected to https://sso.kenyon.edu. Also, there should be a green padlock with a valid SSL security certifigate.

How do I learn more about how shibboleth works.

Please visit shibboleth.net/about to learn more.

What does the "Don't Remember Login" checkbox do?

Checking the "Don't Remember Login" checkbox will require you to enter a password the next time you log into a shibboleth protected service.