HKU Authenication Services

The HKU Authentication Service is to support Single Sign On (SSO) authentication of departmental web-based applications and mobile applications using HKU Portal UID/PIN. It supports three authentication protocols, namely the OpenID Connect, Security Assertion Markup Language (SAML) version 2.0 Authentication Service and Central Authentication System (CAS). All these protocols provide the options to authenticate login by the types of HKU Portal account holders (i.e. HKU staff, students, departmental account holders and retirees).


  1. Complete the vulnerability scanning test which can be applied via CF-163.
  2. And then submit CF-109 to apply for the use of the HKU Authentication Services.
  3. If the application is developed by an external vendor, please complete this Terms and Conditions on System Development and Deployment and attach the signed agreement to CF-109.


Multi-Factor Authentication

February 2024
February 2024

Mandatory for all staff accounts

May 2024
May 2024

Mandatory for all student accounts