1Password Entra Single Sign On Setup

Overview

This outlines the steps needed when migrating from using a stand-alone password to using SSO via Microsoft Entra for Oakland University 1Password.

Email Alerts for Sign In Change

You will be receiving an email at your Oakland University email account when your 1Password account is set to change sign in methods. The email will include a link for you to click that will take you directly to the sign in page for 1Password. Please click this link if you’d like to start that process.

Please note: You will have 30 days in which to do this. After 30 days, you will lose access to your 1Password account and will need to submit a support ticket so we can recover your account.

Setting up your 1Password account to use Entra SSO

Please make sure you are not using incognito/private mode to do these steps. Access 1Password for these steps in a normal browser session.

  • Sign into 1Password using your password like normal.

  • Upon completing Duo multifactor authentication, you will be greeted with a notice that looks like this:

  • Please click Get Started.
  • In the next screen click Sign in with Microsoft in the bottom right corner.

  • This will open up 1Password’s sign-in screen, only you now have a Sign in With Microsoft option in place of where your password box would be. Click this option.

  • This will take you to Oakland University’s Entra login screen. Login with your netid@oakland.edu credentials.

  • Once logged in with Entra, it will return you to a screen that will let you either set up browser alerts if you so choose, or to view your profile. Please click View Profile.

If you have the browser extension or desktop app installed, you will now have to log into them using Microsoft Entra as well. This involves authorizing your account now using SSO to access what you used to access using your password, by way of transferring an encryption key.

  • If you have the 1Password browser extension installed, you may see a notice stating that you need to transfer your encryption key. 

  • Click Transfer Key
  • You will have a code displayed in the following window. Copy this code. Do not click cancel.

If you have the 1Password Browser Extension installed

  • Open your browser extension and you will see that you need to sign into it using Microsoft.

  • Click Sign in with Microsoft and it will open a browser. Enter your netid@oakland.edu credentials like you did previously. It will open up your browser extension.
  • You will see a notice on your extension that you need to transfer your encryption key. Copy the code you received earlier into your extension and click Submit.

  • You will now see a message stating that your extension is authorized and will be receiving codes using this extension for other apps being set up in the same way.

If you have both the 1password Browser Extension and Desktop App installed

  • CLOSE ALL PREVIOUS BROWSER SESSIONS
  • Open the 1Password Desktop app and click Sign in with Microsoft. This will open a browser session. Use your netid@oakland.edu credentials.
    • You may see a pop-up stating that the 1Password browser extension is trying to sign in. Click Cancel on this message.

  • Once cleared, it will drop you back into the desktop app.
  • You will see a message stating that you need to enter a code to transfer your encryption key. Leave this message open for now.

  • Open up your browser again. Go to 1Password and log in.
    • You may again see a pop-up stating that the 1Password browser extension is trying to sign in. Click Cancel on this message.

  • You will see a message stating that you will need to transfer your encryption key. Click Transfer Key.

  • Copy the code that is displayed. Do not click Cancel.

  • In your app, paste in the code that you just copied to the Transfer Encryption Key message in the 1Password desktop app we left open earlier. Click Submit.

  • You will see that this app is now linked. Click Done.

Afterwards

After you have set this up, you may get an alert that your account was used to log into a browser extension or app that 1Password hasn’t seen before. This is normal as you just set up sign in on them. 

FAQs

What if I have a personal 1Password vault that I have my Oakland University vault linked to in order to log into both with one password?

You can view both accounts in the unified view, but each account needs its own respective authentication method. SSO will only work to unlock your Oakland University account. You will still need to use your master password to unlock your personal account.

Please see this 1Password support page for more details.

Your free “1Password Families membership” is not included in this transition, and UTS/OUTC is unable to provide support for those accounts.

Will unlocking via biometric methods still work when SSO is enabled?

Yes.

I am being asked for a Login URL - what is it?

Our signin URL is oakland-university.1password.com Please use that when asked for a login URL. For instance, on the Desktop App:

Additional Troubleshooting steps for 1Password using SSO

Please see instructions from 1Password support here.

Additional Support

  • OU Technology Center
  • 44 Oakland Center
  • Rochester, MI 48309-4479
  • (248) 370-4357
  • Office Hours: M-F 8:00am - 5:00pm
Print Article