Identity Management
What is an identity management system?
An identity management system is a framework of technologies and policies used to manage digital identities within an organization. It ensures that people have access to the right resources at the right times and for the right reasons. Key functions include:
Authentication: Verifying a user's identity (e.g., with a combination of your RRU Login ++ passphrase and multi-factor authentication).
Authorization: Controlling what resources a user can access based on their role or permissions. Students have access to courses in which they are enrolled but no others. Faculty have access to courses they are teaching, but no others. Payroll staff have access to payroll information but other departments do not.
The goal of an identity management system is to streamline user access to the tools they need, enhance security, and ensure compliance with policies and regulations.
I’ve worked at RRU for many years and didn’t have a problem until now. Why?
In April 2023, we implemented phase one of an identity management system. We imported data from existing systems but couldn’t immediately allow the system to enforce the requirement for unique email addresses until we were further along in the implementation.
Why does the system need unique email addresses? It uses personal email address + first name + last name to determine if an identity is unique.
You didn’t have a problem until now because we didn’t have a system managing identities that had this requirement and/or weren’t far enough along to support it.
Identities at RRU
For this explanation, let’s agree that people can have one of two kinds of relationships with RRU:
Group 1 (student) | Group 2 (non-student) |
|---|---|
People who are studying here now, may come here to study in the future, or have already completed their studies. These are prospects, applicants, students, alumni, etc. Let’s call this group “students”. Everyone in this group has a single identity to use for studying purposes. | People who support group # 1 in a variety of ways including administratively, academically, operationally, etc. Everyone in this group has a single identity even if they work in two very different departments at the same time. For example, a boiler operator who works in Operations and Resilience and also teaches in a program has only one identity. |
If someone is a student AND they work in operations, they are not in a new group called Group 3. Instead, they have two identities - a student identity and a non-student identity.
Managing identities for different groups
Group 1 is managed in a variety of ways depending on where they are in their journey with us.
Group 2 is managed by the resource management system. Most of us interact with that system through Chef.
What identifies you as you?
Regardless of which group you’re in, the combination of a number of pieces of data identify you. These can include legal given and last name, SIN, etc. One important piece of data for everyone is a unique personal email address. Because you can have a student identity AND a non-student identity at the same time, you may need to provide two different email addresses to our systems.
Group 1 (student group) | Group 2 (non-student group) |
|---|---|
Bill Smith, student ID 123456 … and other information relevant to this journey | Bill Smith, resource ID 1234 bill.smith.non-student@gmail.com … and other information relevant to this journey |
When we do not have a unique email address on file for student-you and non-student-you, an important part of your identity is missing. This will negatively impact your ability to access certain resources and interfere with you doing your work or study.
It is important to keep your identity information current and complete.
Common questions
Why do you need a personal email address? Why do you need a unique email address for each identity?
Currently, some services like the passphrase reset utility needs to communicate with your personal email address. Without a personal email address on file, the utility can’t help you with a passphrase reset.
The system requires a unique personal email address for each identity. That’s just how it works.
I already have an email address that I check everyday. I do not want to check another one. What are my options?
Suppose you already have an email address of bill.smith@gmail.com. If you have only one identity with us (ie. you are EITHER a student type or a non-student type), you can give us that email address. Job done.
If you have two identities with us and you’re already using bill.smith@gmail.com for your student-self, you can create a new gmail address called something like bill.smith.forwork@gmail.com. To avoid having to check multiple gmail accounts, you could forward email from the new email address to the original. There are other options to explore as well.
What if I don’t give you a personal email address?
The impact on you: The absence of a personal email address on file won’t negatively affect you… until it does. You’ll discover this problem when you’re trying to do something but are blocked from doing it. You’ll need to contact us for help. We’ll ask for a personal email address, update your identity record, and then you can try that again. This may take some time so you’ll be inconvenienced for a period and will be delayed from completing that task you intended to work on.
The impact on us: We’ll have incomplete data, which makes it tricky for us to complete some of the ongoing improvements we’re making. We may have to reach out later to re-ask you for this information.
How to Contact the Computer Services Department
Submit a ticket
To submit a ticket, you will be required to log in using your FULL Royal Roads email address (detailed instructions here)
New! If you do not have a full RRU email address (students not currently in a credit program and/or visitors), you can create a portal account using your personal email address.
Email us at IT Customer Service
Contact Form
Phone: 250-391-2659 Toll Free: 1-866-808-5429
Come visit us in the Sequoia Building
Hours of Operation