Automating and Delegating Access Controls Using Grouper

Tuesday, May 02 | 8:00AM–9:00AM | Denver Ballroom 4-6, Lower Level 2
Session Type: Breakout Session
Delivery Format: Concurrent Session
In the beginning, we had usernames and passwords. If you could authenticate, there was much rejoicing. Now, we are faced with increased risk and the need to restrict access to special types of users on a large scale. Manually deploying those access controls is time-consuming and cumbersome, especially when the responsibilities of the identity provider and the application owner are not clearly defined. With our implementation of Grouper as an enterprise access management service, we can use data from canonical sources to automate group membership and delegate the manual exceptions at the same time. Possibilities are endless. This is a topic specific/intermediate level session.

Outcomes: Engage in conversation to spark innovative access-control automation * Learn how CU Boulder addressed the problem and how it relates to local needs * Join a movement to normalize authorization in higher education


  • Pregash Devasagayam

    Identity and Access Management Application Administrator, University of Colorado Boulder
  • Kerry Havens

    Associate Director | Identity and Access Management, University of Colorado Boulder
  • Marwan Shaher

    IT Professional, University of Colorado Boulder