CAS authentication is considered a legacy protocol and should not be used for new production systems & services. To improve security and streamline access management, we are deprecating legacy single sign-on (SSO) protocols CAS and Shibboleth and will only allow SAML or OpenID Connect (OIDC) via Microsoft Entra ID going forward. SAML and OIDC are modern, standards-based protocols that provide enhanced authentication, authorization, and federation capabilities compared to older protocols like CAS and Shibboleth. By consolidating on SAML and OIDC via Microsoft Entra ID, we will be able to leverage improved security features, reduce complexity, and gain greater visibility into access and usage through unified logging and reporting. Exceptions will be made on a case-by-case basis where there is a compelling business need to maintain legacy protocol support, but the long-term goal is to fully transition to SAML and OIDC via Entra ID for all SSO integration. This change will improve our security posture while also streamlining access management as part of our continued efforts to mature our identity and access management practices.