Single sign-on (SSO) at Waterloo

What is it?

Single sign-on (SSO) provides a secure method of accessing multiple web-based systems and applications without being required to log into each one.

How it works

Log into one supported University of Waterloo web-based system, and access other supported applications without having to enter your credentials again.

End a session

Simply close your browser (all browser windows) to end your single sign-on session. 



If you do not close the browser, your SSO session may still be active and may provide other users unapproved access to applications, even if they weren't the applications you were previously using. This is especially important if working on a public machine.

Benefits of single sign-on

save time and money

Save time

Spend your time doing the things you need to, not logging into applications.

more secure

More secure

Reduce the number of times you're prompted for and entering your credentials.


  work more efficiently 

An enhanced user experience

Log in once and move seamlessly between applications.


Initiating a single sign-on session

Logging into a supported application

All University of Waterloo employees and students will enter their address and WatIAM password when logging into a SSO supported application.


If you have opted in for two-factor authentication (2FA) or are required to use it as part of your role, you will receive a DUO 2FA authentication prompt when accessing supported systems, even though single sign-on is enabled.



Things to remember

SSO is browser specific

If you open and begin working in a different browser, you will be prompted to begin a new SSO session. 

Updated login pages 

Login pages for single sign-on will look different than the login pages you may be used to seeing.

SSO session lengths

The length of a SSO session will depend on the specific application, and may range from one to 24 hours.


Applications supporting single sign-on

  • Microsoft Office 365 (staff)
  • CareerHub
  • Quest
  • Workday
  • WebEx
  • Unit4
  • GoSignMeUp
  • Concur
  • WaterlooWorks
  • Qualtrics
  • PebblePad
  • Portal
  • Bonfire
  • EZproxy (Library e-resource access)
  • Odyssey

We'll update this list as new applications support SSO.

Want your application to support single sign-on?

It must be using the Active Directory Federation Service (ADFS) first.

rubber swimming ring

Get help moving to ADFS

Complete the ADFS request form.

thumbs up

Already using ADFS?

You're all set! Your application supports single sign-on.


Log in once and move seamlessly between applications.