Microsoft Entra and University Single Sign-On (SSO)
Microsoft Entra is the University’s modern identity and access management platform for Single Sign-On (SSO). It allows students, faculty, staff, and other authorized users to sign in with their University account and securely access multiple applications and services without needing to manage separate credentials for each one. By centralizing authentication, Microsoft Entra helps provide a more consistent login experience while supporting the University’s security, operational, and modernization goals.
What is Microsoft Entra?
Microsoft Entra is Microsoft’s cloud-based identity platform. It provides authentication, application access, identity protection, and policy-based access controls for both Microsoft and non-Microsoft applications. As the University continues to modernize its technology environment, Microsoft Entra serves as a strategic platform for delivering secure access to cloud and web-based services.
For SSO, Microsoft Entra acts as the identity provider. When a user signs in, Microsoft Entra verifies their identity and allows approved applications to trust that authentication. This means users can move between supported services using their University account without repeatedly entering credentials.
Application Integration with Microsoft Entra
Single Sign-On (SSO) is a requirement for University applications as part of the standard approach to authentication. Requiring SSO helps ensure that applications align with the University’s identity and access management strategy, provide a more consistent user experience, and support centralized security controls.
Microsoft Entra provides a secure and standardized way for applications to use SSO. By integrating an application with Entra, users can sign in with their University account instead of maintaining a separate username and password for that service. The IAM team is available to work with application owners and technical contacts to set up new integrations and support applications as they are onboarded to Microsoft Entra. https://uconn.atlassian.net/wiki/spaces/IKB/pages/28612624386
How Microsoft Entra Meets the University’s SSO Needs
Higher education environments have complex identity needs. Universities support large populations of users with changing roles, varied access requirements, and a broad mix of academic, administrative, research, and third-party systems. Microsoft Entra helps meet these needs in several important ways.
Centralized authentication
Microsoft Entra provides a central authentication service for connected applications. This supports a more unified access experience across University services and reduces the need for separate local logins.
Support for modern application integration
Many current applications support modern federation and authentication standards such as SAML, OAuth, and OpenID Connect. Microsoft Entra is designed to support these standards, which makes it a strong fit for integrating cloud services, vendor-hosted platforms, and modern web applications commonly used in higher education.
Improved user experience
Students, faculty, and staff often use many systems throughout the day. Microsoft Entra helps simplify access by reducing login friction and supporting a more consistent sign-in experience across approved services. This can reduce confusion and improve adoption of institutionally supported applications.
Stronger security controls
Microsoft Entra supports security features that are important in a university environment, including multifactor authentication, conditional access, centralized policy enforcement, and sign-in monitoring. These capabilities help the University better protect accounts and sensitive institutional data.
Scalability for a large and changing population
University identity environments are dynamic. New students arrive each term, employees change roles, affiliates are onboarded, and access needs shift over time. Microsoft Entra supports this scale and flexibility by working within a broader identity and access management model based on institutional identity data and centrally managed policies.
Alignment with cloud services
As the University continues to adopt cloud-based services, Microsoft Entra provides a natural foundation for secure access. Its integration with Microsoft 365 and compatibility with many third-party applications supports long-term modernization and reduces dependence on older authentication approaches.
Benefits to the University
Using Microsoft Entra for SSO provides several institutional benefits:
A more consistent and secure login experience
Reduced password-related support issues
Centralized authentication and policy management
Better support for multifactor authentication and access controls
Improved integration with modern cloud applications
A more scalable platform for long-term identity needs
Benefits to Application Owners
Microsoft Entra also helps application owners by providing a standardized SSO platform for onboarding and managing integrations. This can simplify authentication design, reduce reliance on locally managed passwords, and support consistent access patterns across the University environment. Application owners can also benefit from clearer security expectations and a more sustainable long-term support model.
Migration from CAS to Microsoft Entra
The University is in the process of migrating its SSO services from CAS to Microsoft Entra. This is a multi-year effort that will take place in phases as applications are reviewed, planned, tested, and moved to the new platform. Application owners will be contacted when it is time to coordinate their application’s migration.
This transition supports the University’s goal of moving to a more modern, secure, and supportable authentication environment. During the migration period, some applications may continue to use existing authentication methods while others are onboarded to Microsoft Entra.