Single Sign-On at the University of Pennsylvania
Our single sign-on offerings at the University of Pennsylvania are undergoing a significant transition. Currently, we have two single sign-on offerings: CoSign and Shibboleth (SAML). CoSign is on the path to retirement and will no longer be available as a service in October 2018. Across campus, planning should be currently underway to either retire your CoSign services or to migrate them to our Shibboleth (SAML) offering.
- CoSign Retirement pizza party (Thursday January 25, register via knowledgelink)
- Weekly Office Hours at the Van Pelt Tech Center G102, every Thursday 12:00 - 1:00
The entire campus should be moving away from CoSign. All new single sign-on applications should be integrated with our Shibboleth (SAML) identity provider.
All web applications that are protected by single sign-on will be affected.
In February of 2017, the capability to register new CoSign services was disabled. In October of 2018, CoSign will be shut down as a service entirely. Please start migrating your CoSign-enabled services to the Shibboleth (SAML) service as soon as possible!
SAML is a well supported and updated standard, and is now easier to deploy on "modern" platforms where CoSign bundles are not available. Many SaaS providers offer SAML integration out of the box which will make it easier to integrate with Penn credentials. Furthermore, Penn will no longer have to support the software distribution of CoSign modules. While Shibboleth is our preferred choice, there are many available SAML implementations that are actively maintained.