PSU Site B - Entra SSO

NOT LOGGED IN

Microsoft Entra SSO Integration

This is Site B of the PSU SSO proof-of-concept. Test the Microsoft Entra authentication flow and verify FPID continuity across sites.

Check UTMVisit Site A

Microsoft Graph API Example

Testing Instructions

Authentication Flow

  1. Click "Sign in with Microsoft" in the header
  2. Complete authentication on Microsoft's login page
  3. Verify you're redirected back with "LOGGED IN" status
  4. Test the "Fetch My Profile" button below

FPID Continuity

  1. Check FPID in DevTools → Application → Cookies
  2. Sign in with Microsoft
  3. Verify FPID remains the same in DevTools
  4. Test cross-site navigation maintains FPID

Technical Implementation

OAuth2 Flow

  • Authorization Code + PKCE
  • Single-Page Application platform
  • LocalStorage for cross-tab persistence
  • Silent token refresh

FPID Preservation

  • Cookie scoped to .psu.edu domain
  • SameSite=Lax for redirect compatibility
  • State parameter carries FPID through SSO
  • Cross-site continuity verification