Normal login to university services proceeds in two steps: after authentication, you accept the disclosure of your credentials to the system and can then access the service.
Computers that are centrally administered by the University offer a single sign-on service to facilitate the work of university staff and students. After logging in to the computer with your username and password, you do not need to separately log in with the browser.
Pay attention to information security
- Check from the address row that you are on the right login page!
Check the address bar to make sure you are on the right login page!
The address must begin with (depending on the situation):
https://login.helsinki.fi/
https://login.microsoftonline.com (when signing in to Office365 services)
https://stshy.helsinki.fi (separate login on home computers)
- Remember to always lock your workstation when you leave your computer!
If the single sign-on is in use and you leave your computer unlocked, anyone can access numerous university services with your credentials without separately logging in.
Quick help
Normal login to university services
Normal login to the services proceeds in two steps:
- Authentication, sign in with your username (short form e.g. rkeskiva)
- Approval of the disclosure of your credentials.
After this, the service is available.
A list of the personal data disclosed to the service is displayed on the approval page. If there are no changes to your information, this approval will only be required the first time you log in to each service.
Multifactor Authentication
Multifactor Authentication (MFA) will be gradually expanded to several services. Users will receive separate notification from the service owner.
If multi-factor authentication is enabled, you will be redirected to the AD login used by the O365 services, after which the process will return to the normal login page (login.helsinki.fi) where you can approve the disclosure of data.
For detailed instructions on using MFA authentication, see the Detailed help tab.
Detailed help
Logging in to university services
In the future, login will be a two-step login process: after authentication, you accept the disclosure of information about yourself to the system, after which you can use the service.
On the approval page, you can see a list of the information disclosed about yourself to the service. If there are no changes to your information, this approval will only be required when you are first logging in to each service.
- You can log into the service directly by entering your username and password (1) and clicking LOGIN (2).
- If you want see the information which is disclosed about you to the service, enter your username and password, tick the option "Redisplay the page on accepting the disclosure of your information" and click LOGIN. You will be moved to a page on which you can see the information to be disclosed, and you can either accept or reject their disclosure.
- On this page, you can see the information to be disclosed (1). The information to be disclosed depends on the service.
- If you accept the disclosure of your information, click ACCEPT (2). You will be given the opportunity to move to the service you have selected.
- If you do not accept the disclosure of your information, click REJECT (2). Note that you will be unable to use the service if you select this option.
If you later on want to see what information you have disclosed, on the login page (for instructions, see the first image), tick the option "Redisplay the page on accepting the disclosure of your information". You will be moved back to the page where you can accept/reject to disclose your information (see the second image in the instructions) and where you can see the information you have disclosed.
Single sign-on to services with university computers
These instructions are intended only for computers in the university’s centralised administration.
A single sign-on means that after logging in once with your username and password, you no longer need to separately log in with a browser.
Using the single sign-on service
- Use the browser to open any university service that uses the university login service (e.g. Flamma). The login page will open (see below).
- Click the “Use single sign-on” button (1).
- Note! The button will only be visible if these requirements are fulfilled. If the alternative is not visible, continue to log in by entering your username and password.
- If you want see the information which is disclosed about you to the service, you can check the option “Redisplay the page on the acceptance of the disclosure of your information”.
After this, when you open the following service (e.g. Flamma Workgroups or SAP HR), you can automatically log in to it if the service is included in the single sign-on service.
You can administer/remove the settings later in this webpage.
- This setting is browser-specific and will be stored in a cookie.
Conditions for using the single sign-on service
- Works only on the university computers (Windows, Mac, Cubbli, vdi in the internal network (university network, VPN and eduroam).
- Supported browsers: Edge, Firefox, Chrome and Safari
- Browser settings for these browsers are made centrally for the university computers. If you encounter problems, see next section (Problem solving).
Problem solving
Please note that if you bring your own computer to the university (e.g. in the eduroam network), the Use single sign-on button will be displayed on the screen, but it does not work. Since your computer is not under the university’s centralised administration, its login details are not the same as on the university’s computers.
Helpdesk supports you only if:
- you are using a university computer under centralised administration
- you are in the university network (including VPN and eduroam)
- you are using a supported browser
Ending use
- It is not possible to end the use of the single sign-on alternative on the university computers under the centralised administration, but you can disable single sign-on by removing the check from the checkbox here. This must be done separately for each browser.
- Another alternative is to clear the browser’s cache
Error situations
When you log in to a computer, information about this is transferred to the back-end systems. The transferred information is used to enable single sign-on to other university services. This information is valid for 10 hours at a time.
Do the following to revalidate the authorisation:
- Open Terminal, enter the command kinit and enter the password for your username (the terminal will not show the characters you enter).
OR
- Put the computer to sleep for a while (Apple Menu > Sleep) and then wake it up (by clicking one of the keys on the keyboard). Enter your password when logging in. Do not log in with Apple Watch or your fingerprint.
The authorisation is now valid for another 10 hours. Single sign-on works as long as the authorisation is valid.
If you use fingerprint authentication or Apple Watch, the authorisation is not renewed. This affects, for example, single sign-on and, thus, printing.
Multifactor Authentication
Multifactor Authentication (MFA) will be gradually expanded to several services. Users will receive separate notification of this.
If the service you are logging in to requires Multifactor Authentication, log in as follows:
- Office 365 authentication will be displayed. Log in with your username in the form username@ad.helsinki.fi (e.g., the username of Raimo Keski-väänto is rkeskiva, so he signs in with rkeskiva@ad.helsinki.fi)
- You will be forwarded to the University’s login page.
- Enter your password and click on Sign In.
You will then be requested for additional authentication, as specified by the owner (e.g., in the Microsoft Authenticator application).
You can choose that the service remembers your authentication.
- When logging in through login.helsinki.fi, the service remembers your authentication for only three hours.
- O365 services remember your authentication for a maximum of 90 days.
After authentication, you return to the normal single sign-on where you can approve the disclosure of your information.
(If you have already given your consent for information disclosure, this stage may not be needed.)
Tämän jälkeen pääset palveluun.
Video instruction
Give feedback
The instructions site of the University of Helsinki's IT Helpdesk helps you with IT-related issues related to your work. Let us know how we can improve our instructions. We greatly appreciate your feedback!
How would you improve these instructions?