Return to the Identity Administration page.
Single Sign-on (SSO) is a method to consolidate user sign-in for multiple web applications into a one-time authentication (subject to application-specific or global default timeouts). CAS Single Sign-on is the preferred authentication resource for BYU.
The Central Authentication Service (CAS) validates the user identity upon authentication at trusted entry points. Allowed credentials currently include a local BYU Net ID and password and/or a trusted federated account: LDS Account, BYU-Hawaii, BYU-Idaho, Facebook, Google. After a user signs in with any of these credentials using the approved CAS sign-in page, they will be signed-in to each web application that uses CAS for authentication without having to re-enter their credentials (unless required by a specific application or data governance policy).
Applications that integrate with BYU Central Authentication Service (CAS) have the following options:
To integrate your web-based application with CAS Single Sign-on, refer to the CAS SSO Participation Guide (a Help Center article).
Retrieve Attributes from CAS: a description of options for retrieving attributes from CAS [SAML and API information forthcoming]
Frequently Asked Questions: a Help Center article [under review]
Life Cycle of a CAS Service Ticket: a diagram outlining the life cycle of service tickets [outdated, but conceptually helpful until the CAS upgrade brings new documentation in Q1 2019]
The feedback box, located below, is intended for general comments on this page or service information and NOT for help with specific technical issues you are having with the service itself. If you would like a response to your feedback, be sure to include your contact information or log into it.byu.edu using the login button at the top of this page.