Grouper is an enterprise access management system designed for the highly distributed management environment and heterogeneous information technology environment common to universities. Operating a central access management system that supports both central and distributed IT reduces risk.
Grouper is part of the InCommon Trusted Access Platform, an open-source IAM suite available as packaged software, making it simpler to install and configure.
Why Use Grouper?
- Coordinated Collaboration Grouper helps collaboration happen. You can set up groups, roles, and permissions for many purposes, such as populating and administering standing committees, ad hoc research teams, departments, or classes. Key collaborative applications -- mailing lists, wikis, calendars, etc. -- can use this group, role, and permission information to make authorization decisions.
- Single Point of Control When using Grouper, once a person is added or removed from a group, the group-related privileges are automatically updated in all of your collaborative applications. Grouper allows efficient management of the membership roster at a single point.
- Who Can Use Grouper? Anyone needing to manage group access to resources can use Grouper -- from accountants to zoologists. A researcher might create a group and enable members to participate on an email list or view a web site. Students might use Grouper to set up and manage groups for similar applications as they work together on shared projects and class work. Your IT staff can delegate group management and enable those leading collaborations to set up and manage their own groups.
The Grouper Project has received funding and development resources from
- National Science Foundation (NSF) Grant No. OCI-0330626, OCI-0721896, and OCI-1032468
- Joint Information Systems Committee (JISC) (UK)
- University of Chicago, University of Pennsylvania, Duke University, University of Washington, University of Memphis, University of Bristol (UK)
- Lower cost & time to deliver new services
- Simplify management by using the same group or role in many places and automating changes to access privileges as a person’s roles change
- Empower the right people to manage access, taking central IT out of the loop
- Increase transparency and auditability - see who can access what with a report rather than a fire drill
- Grouper integrates with almost any existing access management infrastructure
- Supportive community of Grouper users worldwide See deployment stories and resources shared on the Grouper wiki.
- TIER Grouper Deployment Guide.
- Online Library of Grouper Training Videos available on the wiki.
Grouper is open-source software licensed under the Apache 2.0 license. See http://www.apache.org/licenses/LICENSE-2.0.html for a copy of this license.
Where can I find Grouper Training?
Where can I find the answer to technical questions?
Why should I use groups in my IAM infrastructure?
What problems does Grouper solve?
Who manages all of these groups?
How does Grouper help the IT staff?
How does Grouper enhance collaboration?
What do I need to have in place?
To implement Grouper, you need to have:
- an institutional identity management system and a model for how privilege management fits in.
- a good relationship with key stakeholders across campus to develop the policy and business rules associated with groups and related authority issues.
- the resources to implement and support the model.
Where can I find more information about identity management?
Who are the Grouper developers?
How do I get on the Grouper-Users email list?
Where can I see a diagram explaining Grouper?
Where can I see Grouper case studies?
To download Grouper, go to the InCommon Trusted Access Platform wiki.