skip to content

IT Help and Support

University Information Services

What is the University Central Directory

The University uses Microsoft’s Entra ID (formerly Azure Active Directory) as its directory service for users, groups and other objects. It is part of the Office 365 cloud suite.

The University’s Microsoft Entra ID instance holds user details of many people from both inside the Collegiate University and also from outside. It is the recommended solution for authentication at Cambridge supporting both OpenID Connect and SAML2.

Users in our Entra ID system are forced to authenticate using multi-factor authentication (MFA).


Blue active directory (AD)

Blue Active Directory (AD) is an on-premise directory linked to the Entra ID directory. Once a user has authenticated to Entra ID, they are automatically authenticated to Blue AD.

Blue AD contains the subset of Entra ID users who have a UPN ending with ""

IT staff are encouraged to use Entra ID in preference to Blue AD where ever possible.


Understanding users and groups in Microsoft Entra (formerly Azure Active Directory)

Users are created automatically based on data feeds from other systems in Microsoft Entra. You can manage groups locally but UIS also provides some groups centrally that they may find useful.

Find out how users and groups are created in Microsoft Entra



Toolkit gives local authorised users the ability to manage selected objects in Blue Active Directory, Microsoft Entra ID and Office 365 for their institution. You can use it to manage users, groups, mailboxes, and more. 

Find out more about Toolkit


Authenticate users to the University Central Directory service using OpenID Connect

How to authenticate users by implementing Open ID Connect (OIDC) using the University of Cambridge’s Microsoft Entra ID. Entra ID authentication replaces ucam-webauth, which has been deprecated.

Find out using OpenID Connect to authenticate users