* About: Identity and access management


Service overview | Who can use it | How to request & access | Cost | Availability | FAQs | Best practices & policies | Training & documentation | Support

Service overview

McGill IT Services provides students, faculty, staff, affiliates, and external service providers with unique identifying credentials and manages their permissions to access IT-related software and systems based on their roles and responsibilities.


Credentials

Credentials are used to validate your identity when logging into systems. Primary credentials managed by IT services include:


Two-factor authentication (also known as 2FA)

2FA is a security feature that requires users to verify their identity by acknowledging a notification or entering a code sent to a mobile device, such as a smartphone. For more details on 2FA, see Two-Factor Authentication (2FA) and Self-Service Password Reset (SSPR)


Permissions

Also called “entitlements,” permissions are managed through systems like Banner and Active Directory, which map individuals to specific groups or roles. With AD groups, all group members can be granted similar permissions without mapping each user individually.


Authentication services

Authentication services (such as Shibboleth, CAS, and Azure) act as brokers between various applications (e.g., myCourses, Office 365, Wireless network, and VPN) and Active Directory and Banner.

For example, when you sign into myCourses, the Shibboleth authentication service relays information from Banner about your role and registered courses so that myCourses knows what courses and content you may access and whether you are a student, instructor, TA, or staff member.


Who can use it

For students, your access and permissions are automated and triggered by changes to your status in Banner.

For employees, your access and permissions are automated and triggered by information from Human Resources.


How to request & access the service

New students

When you confirm your acceptance to McGill, your McGill Username and Short Username are created, along with an Office 365 Exchange mailbox.

You will receive a notification email at the email address you provided in your application. The notification email will instruct you to sign into McGill’s Office 365 portal, set up your McGill Password,  Two-Factor Authentication, and access your mailbox. 

Returning students

Your McGill Username, Short Username, and McGill Password do not change. If your access to McGill services has been suspended (due to time elapsed between studies), your access privileges will be reinstated when you register for classes (you can still access Minerva). 

New faculty and staff

Your McGill Username and Short Username are created automatically once all required information has been received from McGill's Human Resource system, Workday.

You will receive a notification email at the email address you gave to Human Resources. The notification email will instruct you to sign into McGill’s Office 365 portal, set up your McGill Password,  Two-Factor Authentication, and access your mailbox. 

Visitors and affiliates

A sponsor (a full-time McGill faculty or staff member) can request a McGill Username for you by submitting the Create affiliate account request form. 

Dual account holders

If you have a staff or student Username, and your status changes (e.g., a student becomes a staff, or a staff member enrolls in a course), you will receive a second Username. The McGill Password of your first Username does not automatically apply to your second Username. You will need to set up the Password for your second Username separately.

Note: Both Usernames can have the same Password, but you must manage them individually.

 

important

SPECIAL CASES:

In the following case, account termination needs to be initiated by a supervisor or Human Resources:

  • Termination of an employee:
    When an Employee leaves McGill, a limited grace period is provided before the person’s accounts and access are terminated. Under circumstances where it is important to restrict access sooner, the Human Resources person handling the termination should notify the IT Service Desk.


Cost

There is no cost associated with this service.

 


Availability

Requests for changes to access are handled during regular business hours. See the opening hours for the IT Service Desk.


Frequently asked questions


Best practices & policies


Training & documentation

Not applicable


Support

Students:

Faculty and staff: