Entra Single Sign-on Experience

About

This document outlines the experience for all users accessing applications within the UNW Microsoft Entra Single Sign-on (SSO) environment.

Experience

1) Begin

Navigate to a UNW application such as https://my.unw.edu 

A full list of protected applications can be viewed here.

2) Sign in

The browser will be redirected to login.microsoftonline.com and you will either be prompted for credentials or automatically signed in based on an existing session on that device.

Opening a generic Microsoft application without reference to UNW, such as https://myapps.microsoft.com will always redirect back to the UNW branded sign in prompt once you enter a valid UNW account.

Be aware of sign in pages that look like those shown below but are not exactly login.microsoftonline.com. Common phishing tactics use fake sign in pages to steal your password and multifactor authentication.

Screenshots

image-20240626-191530.png
UNW branded account prompt
image-20240626-191710.png
Generic Microsoft account prompt

3) Multifactor authentication

The experience will vary depending on your registered multifactor authentication methods. The sign in page will accelerate your sign in to use the most recent successful method for your account. The use a different method, use the links below the main prompt such as “Other ways to sign in”.

After entering your password or a username with passwordless sign in, you will be prompted to enter the two-digit number displayed on the screen in the Microsoft Authenticator app. Always verify that the location displayed in the app matches where you are attempting to sign in from and the application name displayed is what you are expecting to access.

After entering your password, you will be prompted to enter the six-digit number displayed in the Microsoft Authenticator or third-party code generator app on screen.

4) Post sign in

After completing the Entra single sign-on flow, you will be redirected to the application you initially opened. After the session times out, you will be prompted to reauthenticate.

For UNW applications using this login experience, this is 14 hours for all web browser sessions or when the browser is closed.