What is UQ Authenticate ?

UQ Authenticate (UQ Auth) allows users to seamlessly access a range of UQ websites and services, with the benefit of having to type in their username and password a minimum number of times.

Signing in will create a UQ Authenticate session that lasts for 8 hours. The session ends when you close your web browser, or the session times out, or you logout. ITS recommends that you always close your web browser after logging out.

If you have logged in to one service which uses UQ Authenticate, you will be able to log in to other UQ websites and services that make use of UQ Auth, without having to enter your username and password again. Below is an example showing how UQ Auth is used to log in to e.g. Blackboard and other services.

Enabling UQ Authenticate for University websites and services benefits the UQ community by providing a seamless experience. It also improves security, as users only type their password in to a single, trusted website (auth.uq.edu.au).

 

 

Which applications use UQ Authenticate?

A wide range of UQ websites and services make use of UQ Auth - but not all. At the moment there are more than 100 Service Providers that actively make use of UQ Auth, including the my.UQ portal and learn.uq.edu.au.

 

 

UQ Authenticate and your privacy

The University of Queensland's Privacy Management Policy specifies that the University must collect, store, provide access to, use and disclose personal information in accordance with the Information Privacy Act 2009 (Qld). Whenever a UQ website or online system collects or uses personal information, it must do so in accordance with this policy and with state and federal privacy laws.

In addition to username and password, UQ Auth can accept logins from the Australian Access Federation and some social media providers. Information from these providers which the UQ Authenticate system receives and retains is detailed below.

• The Australian Access Federation
  Data presented to UQ Authenticate from Identity Providers on the Australian Access Federation is restricted to: given name, surname, email address, organisational affiliation, and some commonly used identifiers (ORCiD, auEduPersonSharedToken, eduPersonTargetedId and eduPersonPrincipalName). To facilitate the provision of appropriate service, the UQ Authenticate system may use and store any of these attributes.

• LinkedIn
  Data presented to UQ Authenticate from LinkedIn is restricted to LinkedIn basic profile data. To facilitate the provision of appropriate service, the UQ Authenticate system may use and store the following fields: fisat name, last name, email address and id.

• Google and Facebook
  Data presented to UQ Authenticate from Google and Facebook is restricted to: given name, surname, email address and id. To facilitate the provision of appropriate service, the UQ Authenticate system may use and store any of these attributes.

More information on privacy at UQ can be obtained from the Right to Information and Privacy Office.

 

 

More information

For further information about UQ Auth, please contact the ITS Service Desk, help@its.uq.edu.au.