You are now in the main content area

Central Authentication Service (CAS)

CAS stands for Central Authentication Service. It's an enterprise authentication system used by many Toronto Metropolitan University (TMU) web applications to verify a user’s identity. It controls the login process to, Google Workspace at TMU, and other services.

CAS supports Single Sign On (SSO). SSO is a session/user authentication process that allows a user to provide his or her credentials once, in order to access multiple applications. It authenticates the user to access all the CAS-ified applications that he or she has been authorized to.

When a user needs to access a TMU web application that requires authentication and has been CAS-ified, the web application will send the user to CAS in order to find out who the user is. CAS will ask for the user’s my.torontomu username and password and check it against TMU’s Identity Management System. When the username and password are verified, CAS will tell the web application who the user is.

  • It provides SSO from to Google Workspace for TMU, MyServiceHub, eHR and other web applications.
  • It provides better security - at all times prior to and during the authenticated web session, CAS is the only service that is handling the user’s password. There is no risks of the web application being hacked or manipulated to expose users’ passwords.
  • Our version of CAS has been enhanced to support two-factor authentication.

If you have an application that you want to authenticate through the CAS system, you should submit your request using the  (google form) CAS Service Request Form (external link)