Skip to content Skip to site navigation Skip to service navigation

Web Authentication and Authorization (was WebAuth)

In September 2022, rates will change for several of the technology services provided by University IT. To view the majority of our planned rate changes for services that are broadly available to our community, please visit this page. For more information, please visit the rates section of our website.

Support for WebAuth ends on August 31, 2018. Applications or websites that use WebAuth for authentication should move to the SAML 2.0 protocol.

This deadline does not affect websites hosted on the central web servers ( WebAFS is also exempt.

Stanford’s Web Authentication and Authorization technologies power its single sign-on systems, including web login. These systems protect the university’s restricted data while enabling community members and trusted colleagues around the world to access any number of systems with just one login action.

Designed for

  • Current faculty, staff, and students
  • Departments and workgroups


End users, content managers, and server administrators have different requirements to use Stanford Authentication and Authorization:

  • End users need a SUNet ID and password.
  • Content managers must set file system permissions (ACLs) and create .htaccess files to restrict access to their web pages and/or directories.
  • System administrators need additional software and special system credentials to enable authentication and authorization for a server or application.

Data security

May be used to protect Low, Moderate, and High Risk Data, as defined by the Information Security Office.


Free of charge

Get help

For assistance with Stanford Web Authentication and Authorization, submit a Help request.

Learn more

See also

Last modified January 8, 2020