uApprove Jet Pack 2.5.1 User Manual
1. Introduction
This document explanins how to give your consent to the release of attributes to Service Provider (in short, SP) via uApprove Jet Pack (in short, uApprove JP).
The user consent steps are as follows:
- Login to the IdP.
- Accept the terms of use.
- Select the optional attributes to be released to Service and confirm it.
- Final confirmation of release.
- The attributes are released to the Service.
2. Operation flow
2.1 Login to the IdP
When using SP, redirect from SP to IdP of your organization, and log in to IdP.
Below is a sample of IdP with password authentication.
Figure 1: Login page |
|---|
|
|
|
If you want to reset attribute release approvals, you have to check the checkbox "Clear my attribute release consent". See 3. Reset-approvals for details.
In case "Clear my attribute release consent" checkbox is not displayed and you want to reset it, you have to access the page of the list of approved SP. See 4. List-approvals for details.
2.2 Terms of use
You may get the terms of use page (figure 2) after success of login. This page will be shown if one of below is satisfied.
- the user accesses the system for the first time
- terms of use have been revised from previously accepted by the user.
In order to continue, you have to check the "I accept the terms of use" checkbox and click the "Confirm" button.
Figure 2: Terms of use page |
|---|
|
|
|
If you don't want to accept, you have to close your web browser in order to cancel the login process.
2.3 Optional attribute selection
This page shows information about you that will be released to the SP(figure 3).
- Mandatory information for using the service
These attributes are sent to SP always after confirmation. You cannot refuse release of them. - Optional information for using the service
You can select the optional attributes to be released to SP from the list by checking the box. The attributes previously released are displayed with checked.
The meaning of the 3 types of icon placed beside the attributes is as follows:
| Icon | Description |
|---|---|
| indicates that attribute is changed since previous consent. |
 | indicates that how to use this attribute is provided by SP. by clicking this icon, short description is displayed to the next line. |
| indicates that short description is provided. by pointing this icon, short description is displayed. |
In addition, it is required to decide the policy of the release of attributes. You must choose a policy with the radio buttons:
- This time I agree to send this data. I will check the data again at next login. (default)
You can confirm the information that will be released to this SP, on every login session. - I agree that the data same as this time will be sent automatically to this service in the future.
Allow to send the selected information when you use this SP again, automatically.
If next time you use this SP, this page will not display again unless the attributes on the agreed have been changed. See 2.3.1 Review the attributes change for if the attributes to have agreed changed. - I fully agree that in the future all my data will be released to the service provider as required by the service that I will access.
Allow to send all attributes to any SP automatically. If you choose this, all the optional attributes will be checked and can not be unchecked.
This page will never displayed again, even if the attributes on the agreed are changed or new attributes are added.
After selecting attributes and choosing a policy, you click the "Next" button to display the final confirmation page.
Figure 3: Attribute selection page |
|---|
|
|
|
If you clicked the "Reject" button, your web browser will display pop-up messages indicating that the service is not available.
You have to close your web browser in order to cancel the login process.
2.3.1 Review the attributes change
When any of the following conditions is satisfied on the SP where "I agree that the data same as this time will be sent automatically to this service in the future." option is applied, auto attributes sending is stopped and this review page (figure 4) is displayed.
- The value of selected attribute have been modified
- An optional attribute which is not allowed to release before is changed to mandatory
In this page, radio button "I agree that the data same as this time will be sent automatically to this service in the future." is checked as the default value.
Figure 4 shows the case of "mail" which was optional attribute is changed to mandatory.
Figure 4: Attribute selection page (attribute setting is modified) |
|---|
|
|
|
Even if you cancel login by selecting "Reject" at modified attribute selecting page, your previous agreed information is still preserved.
To cancel your previous agreed information, go to list of approved SP's or reset your agreement at the login window.
2.4 Final confirmation of release
Attributes which are going to be released to the SP are displayed in this page (figure 5).
You do the final confirmation before sending attributes to SP.
If you allow to send the attributes to the SP, please click the "Send" button.
If you want to redo the selection of attributes, click the "Back" button.
Figure 5: Attribute release confirmation page |
|---|
|
|
|
2.5 Release of information
Mandatory attributes and selected optional attributes are sent to the SP.
You are redirected to SP, this involves the attributes release, and your web browser should display the page which shows the information received by SP shown in figure 6.
Figure 6: Attribute received on SP |
|---|
|
|
|
3. Reset-approvals
When you logged in by checking "Clear my attribute release consent" on login page, the information below is resetted and optional attribute selection(figure 3) will be displayed.
- Approval by selecting "I fully agree that in the future all my data will be released to the service provider as required by the service that I will access."
- Approval to the individual services which can access without closing the web browser
4. List-approvals
If you access to the page of the list of approved SP (https://your IdP hostname/idp/uApprove/ListConsentedSP), and authentication on IdP is succeeded, you can browse that list.
But the SP you approved with "This time I agree to send this data. I will check the data again at next login." is not listed.
- If you have not approve any SP, displayed like figure 7
Figure 7: If you have not approve any SP
- If you have approved SPs individually, displayed like figure 8
Figure 8: If you have approved SPs individually
- If you have approved any all SP, displayed like figure 9
Figure 9: If you have approved any all SP
If the page of final is prepared by administrator, the "Exit" button navigates to that page.
4.1 Revocation of consent
You can revoke consent by clicking the "Reset" or "Reset all" button at the list of approved SP.
- The "Reset" button reset the agreement for that service
- The "Reset all" button reset the agreement for the all services
When you click one, display the confirmation page for revoke(figure 10).
Figure 10: Confirmation page for revoke |
|---|
|
|
|
- The "Confirm" button reset the agreement for that service, and go back to the page of the list of SPs.
- The "Cancel" button do not reset it, and go back to the page of the list of SPs.