Information Technology Services
Information Technology Services

Common Sign On

Common Sign On (CSO) allows your application to authenticate against a Queen's central LDAP and Active Directory databases. This database can include all active members of the Queen's community or be filtered down to a subset of users. By using a central database, the user is able to use their NetID and password across all applications. It also gives the application administrator an alternative to storing their password in a local database.

More specifically, the CSO service uses LDAP to allow applications written in any modern language to authenticate users and retrieve data specific to that user.

Getting Started

Who Can Have It?

  • All Queen's staff, faculty, and departments are eligible for this service.

What are the Costs?

  • Costs are based on ITS' standardized general labour rates. CSO pricing is based on labour estimates plus an additional infrastructure cost. If additional labour is required due to customizations or late changes, then we will simply apply the standard hourly rate for every additional hour.
  • Please keep in mind ITS will best be able to provide you with a quote based on time and effort after a consultation.
  •  A standard CSO setup will require 5 hours labour + a $XXX infrastructure cost. This cost will include:
    • Production account
    • Preview/Test account
    • Optional - authorization
    • Data release approval from data owners (e.g. Human Resources or Office of the University Registrar)
  • Our additional infrastructure costs help us keep our infrastructure up-to-date and ready to scale to our future business needs.

Please note these are only estimates and will change if specific customizations or late changes are made.

How Do I Get It?

  • It is best to review the relevant documentation to familiarize yourself with Common Sign-On first. 
  • You will need to submit a request to the CSO team. This request should be filled out by the project lead and a technical person. It is likely you may not have all the answers to each question; just fill in the information you know. The Single Sign-On team will contact you within the next few business days to arrange a meeting to go over the details. If approved an LDAP user account or Active Directory account will be sent to the submitter.


  • The targeted availability of this service is twenty-four hours a day, seven days a week (24x7).
  • Users of the service should expect occasional but infrequent service interruptions or slowdowns, both planned and unplanned.
  • Where it is necessary to schedule system maintenance that necessitates a service outage, ITS will do this outside of regular business hours whenever possible.
  • Please check the ITS Notification page for information about unplanned service outages.
  • Standard Hours of Operation

Service Level Objective

Please see the links below for Service Level Objectives:

Governing IT Policies

Users of this service are governed by the following policies, failure to comply may result, at a minimum, with suspension of service:

Help & Support