Identified - Institutional customers using custom SAML resources in OpenAthens should be aware of security vulnerabilities in Shibboleth Service Provider software and SimpleSAML Service Provider software which might affect the vendors they are connecting with.

What you need to do: We suggest institutional customers using custom SAML resources in OpenAthens send these links to their vendors and ask them to confirm their Service Provider software is either unaffected or that the vulnerability has been addressed. To find the resources, please go into the admin area and look at the custom tab within the resource catalogue, you only need to concern yourself with the ones that say SAML.

You can find more information here:
https://shibboleth.net/pipermail/announce/2025-March/000337.html
https://simplesamlphp.org/security/202501-01

For the avoidance of doubt: these vulnerabilities do NOT affect the OpenAthens service. Please direct all queries to the vendors for which your institution is using custom SAML resources in OpenAthens.

Mar 18, 2025 - 15:18 GMT
Authentication Point ? Operational
Authentication API ? Operational
Authentication broker ? Operational
Managed Proxy service ? Operational
OpenAthens Federation ? Operational
OpenAthens Keystone ? Operational
Redirector ? Operational
Wayfinder ? Operational
MyAthens user portal ? Operational
Self-registration service ? Operational
Account Administration website ? Operational
Administration API ? Operational
OpenAthens Reporting ? Operational
SP Dashboard ? Operational
Service Desk portal ? Operational
Documentation website ? Operational
Email services ? Operational
Service Desk Telephony Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Apr 26, 2025

No incidents reported today.

Apr 25, 2025

No incidents reported.

Apr 24, 2025

No incidents reported.

Apr 23, 2025

No incidents reported.

Apr 22, 2025

No incidents reported.

Apr 21, 2025

No incidents reported.

Apr 20, 2025

No incidents reported.

Apr 19, 2025

No incidents reported.

Apr 18, 2025

No incidents reported.

Apr 17, 2025

No incidents reported.

Apr 16, 2025

No incidents reported.

Apr 15, 2025

No incidents reported.

Apr 14, 2025

No incidents reported.

Apr 13, 2025

No incidents reported.

Apr 12, 2025

No incidents reported.