Identity Lifecycle

A digital identity is a set of information and attributes that collectively represent an individual on a computer system. At UConn, a digital identity manifests itself as a NetID.

The Birth of a NetID

A NetID starts as a record in one of the various systems of record at UConn. These systems of record include CoreCT, Student Admin, UCHC identity systems, UConn Foundation, and the Affiliates application. These systems supply the required data to the ID System, which aggregates all of the data from the various systems of record and creates a NetID. Once the NetID has been created, it is not yet usable by the individual it represents.

The compiled data is extracted from the ID System and sent downstream to the directory systems. The directory systems (LDAP, AD and Kerberos) take the extracted data and use it to create a live NetID and store attributes to be sent to other systems which request it. These systems include Kuali, HuskyCT, CAS, and many other systems that rely on identity information.

NetID Birthrights

Inherently a NetID has very few birthrights (rights granted by the mere existence of a NetID). A NetID is able to authenticate and gain network access. Birthrights can, however, be extended based on the affiliations a NetID holds. If a NetID is “born” as a student, that NetID will have automatic access to systems like HuskyCT.

The Identity Information Flow

Apart from just receiving data from the systems of record, the ID System also sends data back for them to use internally. This data includes NetID, e-mail address, PID, affiliation and other identifiers.

Below is a graphic of the flow of information throughout the University’s identity systems.

Identity Transition and Retirement

As NetIDs transition to different affiliations and are entered into different systems of record, the ID System aggregates the data and performs mergers on the data and affiliations. A staff member may take classes and become a part-time student. The ID System will match the data coming from the different systems of record (CoreCT and Student Admin) and merge the data into a single NetID, having multiple affiliations with the University.

Once a user ceases to have an affiliation with the University, their NetID will lose its digital affiliations as well. This loss of affiliation will revert the NetID back to the access it had at birth. For certain affiliations, such as students, a state transition will occur from student to Inactive [Under]graduate Student, so that student can access their transcript within Student Admin. These state transitions allow a NetID to retain access greater than its birthrights.

In instances of individuals departing the University in poor standing, NetID access for that individual is locked in perpetuity.