Flow of JAIST-SSO
Authentication with JAIST-SSO is required to access services such as Webmail, J-Storage, and SSL-VPN.
This page explains the flow of authentication by JAIST-SSO after accessing the URL of each service.
When using the campus network
Multi-factor authentication (OTP, digital certificates) is not required when using the campus network (campus Wi-Fi, wired LAN, SSL-VPN connection).
Enter your user name
When the screen on the right appears, please enter the user name of your JAIST user account.
[About Usernames]
- Students……s+student ID number (e.g. s1234567, s0000000)
* If you change your e-mail address, your user name will not change. - faculty and staff…Before @ in email address (e.g. t-sentan, jaileon)
Enter your password
When the screen on the right appears, please enter the password for your JAIST user account.
When using the off-campus network
Multi-factor authentication is required for login from off-campus networks.
When authenticating with a one-time password (OTP)
Register the OTP authentication device in advance. (One Time Password authentication device registration procedure)
Enter your user name
When the screen on the right appears, please enter the user name of your JAIST user account.
[About Usernames]
- Students……s+student ID number (e.g. s1234567, s0000000)
* If you change your e-mail address, your user name will not change. - faculty and staff…Before @ in email address (e.g. t-sentan, jaileon)
Enter your password
When the screen on the right appears, please enter the password for your JAIST user account.
Select authentication factors
The authentication factor selection screen is displayed if the user name and password are correct.Click on the pull-down menu, select "OTP (Authenticator)" and click on "SUBMIT".
Enter the OTP
The OTP entry screen will appear.
Enter the OTP (6-digit number) displayed by the OTP authentication device.
[When the OTP entry screen does not appear]
- OTP authentication device is not registered.
If you are not registered, the message "Authentication failed" will be displayed after entering your password. - Connected from the campus network
When you authenticate with JAIST-SSO from the campus network, you do not need OTP.
You can authenticate only with your user name and password.
When authenticating with a client certificate
Import the client certificate into your browser beforehand. (Client certificate issuance procedure)
Enter your user name
When the screen on the right appears, please enter the user name of your JAIST user account.
[About Usernames]
- Students……s+student ID number (e.g. s1234567, s0000000)
* If you change your e-mail address, your user name will not change. - faculty and staff…Before @ in email address (e.g. t-sentan, jaileon)
Enter your password
When the screen on the right appears, please enter the password for your JAIST user account.
Select authentication factors
The authentication factor selection screen is displayed if the user name and password are correct.Click on the pull-down menu, select "Client Certificate" and click on "SUBMIT".
Present your certificate
If you are using a browser with an imported certificate, a screen for selecting the certificate to be used for authentication will appear.
When more than one certificate has been imported, select a valid certificate.
[What is a valid certificate?]
Please read "How to check the validity/revoked of the client certificate"
[When the certificate selection screen does not appear]
It is likely that the information you previously selected is still being used. Please try restarting your browser or using a private window.
Microsoft Edge
A pop-up window will appear at the top of the screen, as shown in the image on the right.
Click on a valid certificate, and then click [OK].
Safari
Select a valid certificate and click [Continue].
* If you are asked for your keychain password, enter your PC password.
Flow of use
This section describes the flow of JAIST-SSO authentication from an off-campus network using OTP (Email).
* The flow may be different depending on the user's environment (e.g. preconfigured authentication factors).
- Enter a user name and click "LOG IN".
- Enter your password and click "LOG IN".
- Select "OTP (Email)" in the Authentication List (authentication factor selection screen) and click "SUBMIT".
*The authentication factor options are those checked in the Multi-Factor authenticate selection in the User Attributes Setting. By default, all three of "mail", "totp" and "cert" are checked, and the selection screen shows [OTP (Email)], [OTP (Authenticator)] and [Client certificate] as options. If the option [OTP (Email)] is not displayed, check the "mail" check box.
Also, if only one is ticked, the selection screen is not displayed. For example, if only "mail" is checked, the OTP e-mail is sent immediately after entering the password and the input screen is displayed. - (On any device) Check the OTP (8-digit number) sent to your registered email address.*The subject of the email is ‘JAIST-SSO One-Time Password Notification’.
*Do not reply to this email.
*OTPs are valid for five minutes after issue (after select "OTP (Email)"). - Enter the OTP and click "SUBMIT OTP".*When you click on "REQUEST OTP", a new OTP will be sent to your email.
*After a new OTP is created, the old OTP is no longer available, even if it is still within the validity period.