Information about integrating CAS with a website


There are several different ways for applications to integrate CAS authentication, including login and validation.

When integrating CAS authentication with your application, follow these best practices:

  • Applications using CAS must operate entirely over TLS (i.e., the casurl must be an HTTPS URL).
  • Enabling HTTP Strict Transport Security (HSTS) is highly recommended.
  • To be sure they are authenticating to APIIT Education Group’s CAS, users must be able to see the URL
  • Therefore, applications must redirect to CAS and not render the login page inside an iframe or use other similar techniques.


Leave a Reply

Your email address will not be published. Required fields are marked *