Has your password been reset by OIT?
If your password has been reset by OIT, click here to reactivate your account. For instructions and help, see Activate My IdentiKey.
Login Information
Federated Identity Service (a.k.a., FedAuth) provides access to multiple services via single sign-on through IdentiKey authentication. Federated Identity Service will then share your attributes with the service(s) being accessed. Attributes are shared securely with the service(s) and do not contain any private or sensitive information.
You will be asked to review and release these attributes on your first visit. If you do not release the attributes, you cannot access the service.
IdentiKey Manager
If you're having trouble logging in, go to IdentiKey Manager (identikey.colorado.edu) to reset or change your password without having to contact support. To learn more, see the IdentiKey Manager page.
Change your password
Go to IdentiKey Manager, click Change my password and enter your current credentials (see the Change My Password tutorial).
Forgot your password?
If you don't know your IdentiKey password, go to IdentiKey Manager and click Forgot my password to reset it (see the Forgot My IdentiKey Password tutorial).
Access Issues
If you are not able to use the IdentiKey Manager to reset your password, contact the IT Service Center at 303-735-4357 or oithelp@colorado.edu.
Duo Multi-Factor Authentication
Multi-factor authentication (MFA) increases account security by requiring multiple forms of verification to prove your identity when signing in to an application. Duo MFA is an application that CU Boulder faculty, students and staff use to securely log in to MyCUInfo or Buff Portal.
How to enroll and use Duo
When you log in to a service that requires Duo MFA (e.g., MyCUInfo or Buff Portal), you will be prompted to authenticate using one of the following methods:
- Duo Mobile app (recommended): Get a push notification from the Duo Mobile app on your smartphone or watch.
- Phone number: Set up a phone number, then choose between receiving a text message with a code or an automated phone call during which you can approve access by pressing 1 on your keypad.
- Security key: Use a device like a Yubikey to verify your identity.
If you have a smartphone, OIT recommends the Duo Mobile app for the best experience. Whatever your preferred method, OIT also recommends enrolling more than one device (e.g., the mobile app and a phone number) so you can still authenticate if you lose or replace a device. Visit the Duo MFA page for more information and troubleshooting tips.
Session Time Limits
Federated Identity Service and the services accessed through it have session time limits to minimize the exposure of a forgotten web browser. Because of these time limits, you may be prompted to sign in again to continue your session. Time limits are per service and therefore not standard.
Logout Information
In order to completely log out of a Federated Identity Service session, it is necessary to close your web browser. Logging out of a service will not truly end a session until the web browser is closed or the Federated Identity Service time limit is reached.
I logged in to Federated Identity Service earlier, but the login page appeared again. Why?
The system and each service have pre-set timeouts, which aid in minimizing the exposure of forgotten web browser sessions.
I went to a Federated Identity Service login page and I wasn't required to log in. Is there a security problem?
No. Once you have started a session in Federated Identity Service, you are logged in to all CU Boulder services that use Federated Identity Service to authenticate. Don't forget to log out once you are finished.
I would like to incorporate Federated Identity Service into my website. Where can I find more information?
Contact the IT Service Center at 303-735-4357 or oithelp@colorado.edu.
What is Federated Identity Service?
Federated Identity Service provides an environment in which users can authenticate/log in one time with their respective IdentiKey username and password to a central server in order to access multiple services protected with Federated Identity Service without needing to re-authenticate.
What is my Digital ID Card? Why would I "reset my release approvals"?
Your Digital ID card outlines the identifying information that is shared with the service(s) you are logging in to, allowing you access to that service. You can review and release approvals at any time. If the attributes change for any reason, you will be prompted to review and release at your next login.