On November 1, 2023, the ITS Identity and Access Management (IAM) team and colleagues across ITS and the university gathered to celebrate the retirement of the Cosign service at U-M. Created by members of U-M’s IT Commons group in 2001, Cosign was a web-based, single-sign-on solution that was rapidly adopted at other universities. As U-M’s Cosign reached the end of its 20+ year lifespan this fall, staff from ITS IAM, ITS Web Hosting, and LSA gathered to pay their respects to a service that revolutionized the use of single-sign-on across the higher ed landscape.
DePriest Dockins, director of IAM, recalled the reactions he got from other universities when he participated in conferences around the country at the height of Cosign’s adoption. “I joined IAM well after the creators of Cosign had moved on, but when I’d introduce myself to members of other universities, they’d talk about the Cosign pioneers as if they were rock stars.”
One of U-M’s Cosign early adopters, Mark Montague, manager of the ITS Web Hosting team, was on hand at the gathering to share his experiences. Mark piloted Cosign at LSA in 2001, and after many years of using Cosign in different roles across the university, in 2023 he managed the retirement of Cosign from over 1,000 ITS-hosted websites. Despite the need to move on from Cosign, Mark explained how the solution was able to do things that more modern services could not. “Cosign is still the only single-sign-on method that has constant authentication checking and a truly functioning single-sign-out option.”
Many IAM team members who shared fond memories and stories of their time supporting Cosign. A common theme from everyone was that Cosign enjoyed such a long lifespan because it did what it was supposed to do, and just kept working. All the ITS team members expressed gratitude for the engagement and effort that our campus partners put into the successful retirement of Cosign.