menu

When login fails in JAIST-SSO

JAIST-SSO is used for authentication when using services such as Webmail and SSL-VPN. When authentication fails in JAIST-SSO, there are various possible reasons. Let's answer the questions from the following to find out the cause.
STEP.0 What message was displayed when the authentication failed?

Please read the FAQ for each service if the system does not use JAIST-SSO, or if there is a problem after successful JAIST-SSO.

Reference

Authentication flow

There is a difference in the authentication flow between access from the on-campus network (including VPN) and access from the off-campus network.

SSO authentication is possible by registering one of the authentication factors shown in the image on the right.


STEP.0 What message was displayed when the authentication failed?

When authentication fails, red text message appears at the top of the screen for a few seconds.
Please select the appropriate combination of the operation you performed before the authentication failure and the message.

 

 

  • After input your password, "Authentication Failed" appears at the top of the screen.  

→ STEP1. About user name and password

 

 

  • After input your password, "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." appears at the top of the screen.

→ STEP2. About authentication factors

 

 

  • After input the one-time password, "Authentication Failed" appears at the top of the screen. 
    (When "INVALID OTP CODE. YOU WILL BE REQUESTED TO START AGAIN AFTER 1(or 2) MORE FAILURE(S)." is displayed)

→ FAQ "After entering the OTP, "INVALID OTP CODE" will be displayed."

 

 

 

 


STEP1. About user name and password

When "Authentication Failed" appears at the top of the screen after entering the password, there may be a problem with the user name or password.

Please access the inquiry form and please try to log in.
* Do not use passwords saved in your web browser.

 

Can you log in?

 

 

STEP1-2. User name or password is wrong

If you were unable to log in to the inquiry form, your user name or password is incorrect.

 

  • Are you able to enter the text as you want?
    The input may not be correct due to a faulty keyboard or a different layout.
    Please enter your username and password into a text editor, and check that they are entered as you expect them to be.

  • Is the user name correct?
    The student's user name is "s+student number". (If the student number is "1234567", the user name is "s1234567")
    * Not the email address ‘XXXXXX@jaist.ac.jp’.
    * If you change your email address, your username will remain the same.

  • Is the password correct?

    * When you are unable to log in after changing your password, please try logging in with your old password.
    * If the password saved in your web browser allows you to log in, the password is the correct password.
     Please refer to the FAQ "How to check passwords saved in your Web browser" to confirm your password.

 

If you have forgotten your password:

If you have already registered an email address for resetting your password, please try to reset your password.
  →Resetting your password

If you have not registered, please come to the reception desk in person with your student/staff ID card.
  →RCACI reception desk

 

 

 

STEP1-3. Please check your digital certificate

If the following three conditions are met, the authentication has most likely failed because the "certificate used for authentication" and the "user name entered on the first screen" are different.

  • When authentication fails, the message ‘Authentication failed’ is displayed with a red frame (confirmed in STEP0).
  • There is no problem with the user name and password when trying to log in using the contact form (confirmed in STEP1).
  • Authentication from an off-campus network (other than JAIST's wired LAN or Wi-Fi) is using a digital certificate.

 

Please check the following:

If you have already set a one-time password, please cancel the presentation of the certificate and try authentication. If the certificate presentation screen does not appear and cannot be cancelled, try using the private window.
Tips: Using a Private Window

 

If you still cannot log in, "STEP 3. Unable to log in".

 

 

 


STEP2. About authentication factors

There is no problem with the username and password, but an authentication factor seems to be missing.
Please go to the appropriate link below.

 

 

 

 

STEP2-1. Accessing from campus

When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, you are not connected to the campus network.
(If you are connected to the campus network, you can successfully authenticate using only your username and password.)
Please check the following.

 

  • What is your network connected to?
    The "campus network" refers to the campus Wi-Fi (SSID: JAIST, JAIST-ALL), wired LAN, and SSL-VPN.
    Please make sure that you are using these networks.

  • Connected to SSID:NEWCOMER, eduroam
    The "NEWCOMER" Wi-Fi service for new students is an off-campus network.
    The "eduroam" wireless LAN service for educational and research institutions is an off-campus network.

    A one-time password (OTP) or client certificate is required.
    STEP2-4. When the authentication factor is not registered

  • If you are using Safari on mac OS
    Try logging in with the ‘Hide IP Address’ setting switched off.
    FAQ "I can't access the intramural use only page (Safari)"


If you cannot login
  →STEP3. Unable to log in

 

 

 

STEP2-2. When accessing with a one-time password

When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, one-time password authentication device is not registered.
Even if the device is displaying the 6-digit OTP, the last steps of registration may have been forgotten or deleted after registration.

STEP2-4. You do not have an authentication factor


If you have a digital certificate, you can use it for JAIST-SSO authentication by importing the digital certificate into your browser.
 

 

 

STEP2-3. When accessing with a digital certificate

When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, either the certificate has not been imported or there is a problem with the selected certificate.

First, check to see if the digital certificate has been imported into your browser.

Access user's manuals by UPKI from the following page and refer to "Checking the Certificate (PKCS#12 file)".
User's Manuals for Installation in Different Web Browsers



Is the digital certificate of "...@jaist.ac.jp" imported into your browser?

 

 

 

STEP2-3-1. The digital certificate has been imported

Please check the following points about the imported digital certificate.

 

If you have a One Time Password (OTP), please cancel the certificate selection and try to authenticate with OTP.

 

If you cannot login
  →STEP3. Unable to log in

 

 

 

STEP2-4. You do not have an authentication factor

Authentication from off-campus requires authentication factors other than username and password (one-time password, client certificate, etc.). When "Your client certificate is invalid. In addition, One Time Password (OTP) factor is not registered." is displayed, it means that the authentication factor is missing.

 

Please come to the campus and get one (or both) of the following authentication factors.

 

If you are uncomfortable with any of the tasks on the above pages, help desk staff will support you.
Please come to the RCACI reception desk with the device you usually use.

 

 

 


STEP3. Unable to log in

If you are still unable to access the site, please check the failure information on the top page and confirm that the failure has not occurred.
RCACI Home Page
JAIST Information Environment Operational Status
When there is anything related to the failure JAIST-SSO, please wait until it is restored.

If the login still fails, please contact us via the web form, referring to the following page.

Requests for Inquiries - JAIST-SSO Failure Problem