CUD access

Requesting use of Core User Directory (CUD) interfaces

A request must be made separately for access to CUD via each of the interfaces.

Expand All

The prerequisite for all access is to request personal access to the CUD User Interface (CUD UI)

To request access to the CUD UI, please use the service request linked from the IAM service requests page.

The initial request for access must be supported by a signed terms and conditions of CUD access form.  The signed form can either be scanned and attached to your service request, or returned to:

 

Identity and Access Management Team
Platform Services
University of Oxford
IT Services
13 Banbury Road
Oxford

Once you have access to the CUD UI you can request access to additional service interfaces. Refer to the CUD interfaces introduction for details of the various service interfaces to determine which best suits your needs.  You are welcome to contact IAM if you're not sure, or need advice as to which may be best.

For requests to register for REST interface access please use the service request linked from the IAM service requests page.

For requests to register for non-REST interface access, please use the following email template to request access via a new service interface.

To: iam@it.ox.ac.uk
Subject: Request for access to CUD interface - <interface requested>
 
Please supply service access to CUD as follows:
Name: <your name>
ITSS: Y/N
Reason for access (required if not ITSS):
ITSS Managers:
Machine FQDN:
Interface requested:

 

When completing the email

  • the ITSS section should be answered Y/N, depending on whether you appear in the ITSS register
  • if you are not on the ITSS register you must provide a Reason for access, including why you are requesting access and the purpose CUD data will be put to
  • the ITSS Managers section requires a list of ITSS members with /itss principals, such as unit0001/itss, who should be given access to download kerberos principals or other credentials generated as a result of this request.  At least one must be provided
  • the Machine FQDN is the fully qualified network name of the server or service which will be using the interface, for example host.oucs.ox.ac.uk
  • the Interface requested should be one or more of:
    • REST  
    • SOAP query
    • SOAP push
    • SQL Push
    • LDAP push
  • If your request is for a REST or SOAP interface, and GSSAPI+Kerberos authentication is not supported by the software which will be used to access CUD, please include this information in Interface requested

Additional attributes are attributes that are not included in the CUD attribute set, these are available on application.  You must have a good reason for using additional attributes, access to which will be considered in consultation with the data owner.

Requests for access to additional SITS attributes (those within the "cud:uas_sits:" namespace) should normally be submitted by IT Support Staff.  The Identity and Access Management team will then seek further authorisation from the local Information Custodian, and/or Student Systems in the case of attributes deemed especially sensitive.

To request access to additional attributes, please use the Additional CUD Attributes service request. This is also linked to from the IAM service requests page.

When completing the service request you must provide a Reason for access whether or not you are ITSS

Once you have access to CUD, the following links will help you get started:

CUD UI for simple searching
CUD REST query examples
CUD REST interface client user guide

Related links

CUD UI login link

CORE USER DIRECTORY

Get support

If you cannot find the solution you need here then we have other ways to get IT support

GET IT SUPPORT