Integrating Okta with Ellucian Banner and Ethos Identity

Many educational institutions are upgrading their Ellucian solutions to Banner 9. Leveraging this time to consider modernizing current approaches to IAM will present significant opportunities for achieving efficiencies in manual operations, infrastructure, and maintenance costs for most campuses.

In this white paper you'll learn about:

• Utilizing Okta to enable a great end user experience while reducing IT friction

• Lowering IT administration costs

• Securing your banner applications with multifactor authentication

• Improving and simplifying user lifecycle management

Many educational institutions are upgrading their Ellucian solutions to Banner 9. The new Ellucian platform introduces Ethos Identity to bring a Single Sign-On (SSO) experience to the user. Ethos Identity is built on standards-based SSO technology. This allows for choice in the selection of an Identity Provider. Leveraging this time to consider modernizing current approaches to IAM will present significant opportunities for achieving efficiencies in manual operations, infrastructure, and maintenance costs for most campuses.

Bring Your Own Identity Provider

The Ethos Identity architecture allows for choice of identity provider. By utilizing Okta, institutions can easily enable a great end user experience while simultaneously reducing IT friction. The Banner applications are SAML capable, which makes them a perfect fit for Okta’s SAML capabilities. Integration with Okta solutions is seamless, taking implementations from weeks to days, so your students, faculty and staff will have a delightful experience, usually with zero downtime for upgrades.

Lower IT Administration Costs

The Okta solution is 100% cloud-based. Given a choice of identity providers, it makes sense to leverage a mature IDaaS IDP. Integration with an on-premise directory is simple, redundant, and reliable. Okta has excellent integration with a variety of directory servers, including Active Directory. Self-service password management reduces help desk costs while comprehensive password policies ensure that user credentials are secure.

Extensible Universal Directory & UDCIdentifier

The Universal Directory profile can easily be extended to accommodate any kind of data that is specific to your institution and the applications that you employ. Banner utilizes the user’s UDCIdentifier as an identifying attribute. The UDCIdentifier can be added to the Universal Directory, making it available to SAML assertions that are sent to the Banner applications.

Secure Your Banner Applications with Multi-Factor Authentication

Multi-Factor Authentication (MFA) is critical for securing the sensitive data maintained by your Banner environment. Okta’s Adaptive MFA (AMFA) makes it simple to add security based on various policies. For example, MFA can be enforced when a user accesses a Banner application or when they do so from off the campus network. Okta’s MFA solution, Okta Verify, provides a secure yet convenient solution for users that can be deployed on their mobile device. In addition, Okta can integrate with many solutions such as Duo, RSA, YubiKey, and others. By centralizing MFA and authentication policies, you can be assured that the right users are accessing the right applications.

User Lifecycle Management

Integrating Okta Single Sign-On (SSO) with Banner is only the tip of the identity management iceberg. Okta has built-in integrations with over 5,500 applications, infrastructure and devices via the Okta Integration Network. Our integration wizard makes it smooth and easy to quickly add new technology. This catalog of integrations continues to grow every week. Many of these applications also provide User Lifecycle Management integration to enable provisioning and deprovisioning of application accounts.