Web log-in and single sign-on at Stanford
The first time you login to a Stanford web page for the day you enter your username and password (unless you are using Cardinal Key); you might also be asked to do a two-step authentication. Once you have done this authentication your web browser stores special session information. This saved session information allows you to access other Stanford websites without re-entering your credentials. This is called single sign-on and saves you from the tedious chore of re-entering your Stanford credentials on every different Stanford web site.
How single sign-on information is saved
Because single sign-on information is stored in the web browser, single sign-on is specific to each browser: browsers do not share session information. This is why if you login to Stanford web sites on two different browsers, say Firefox and Chrome, you will have to do your initial authentication on each browser.
Some questions answered
- Do I need to do anything to enable web local storage? No. All modern browsers support web local storage by default.
- Do logins work differently with local storage vs. cookies? No. The login process is exactly the same, but you might notice an intermediate page flash quickly by that mentions reading and storing session information to your browser. This is expected and necessary as this is the page that stores your data locally.
- Is SSO login through an iFrame Supported? Stanford does not support single sign-on (SSO) through an iFrame. This change was made University-wide for security purposes to limit Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities and is an industry-wide standard. We suggest sending users to the desired content by linking directly to the secured page instead of using iFrames. Learn more from the Embeddable Content Policy.