Units: plan to discontinue Cosign use by June 2023

Cosign and Shibboleth logos

Information and Technology Services along with many units are working to discontinue use and retire the two-decade old Cosign Authentication service. As part of the U-M Annual Internal Control Certification process for this fiscal year, units are required to attest to discontinuing or planning to discontinue use of Cosign in unit-owned applications by June 2023.

Learn more about the Cosign retirement effort.

Cosign has been the secure, single sign-on, web authentication system in thousands of university applications and websites over the years. Proudly designed at U-M, the open source software was once widely used across higher education around the world. Now only a handful of universities still use Cosign, and the open source community that once maintained it has dwindled. It is not a suitable option for modern, cloud-based technologies.

Ready-to-use resources & support labs
In many situations, website and application owners may choose to remove authentication altogether or replace Cosign with Shibboleth. Shibboleth is a more modern, flexible, and supportable alternative. To assist with the transition, ITS has created a resource kit that contains sample codes, drop-in support lab schedule, and more.

Upcoming drop-in support labs:

More drop-in support labs will be scheduled in 2023. Additionally, members of the project team can be invited to meet with you and others to discuss the transition for your unit specifically.

Cosign is used for logging into websites and other applications, including websites supported by the ITS Web Hosting service. Learn more about the AFS Website Upgrade Project.

Future Cosign server decommission
A date for the complete decommission of the Cosign server and full retirement of the service will be determined and announced at a later date.

The Identity and Access Management team in ITS sincerely appreciates the support and partnership of all unit IT staff in this effort.