Note: These requirements are for OpenSesame integrations and content launch types that use SAML SSO. They do not describe SSO for logging in to opensesame.com.
Some OpenSesame integrations and launch methods use SAML Single Sign-On (SSO) to validate access, which means that a learner cannot successfully launch OpenSesame courses until:
- A SAML SSO connection exists between one SAML SSO identity provider (IdP) of your choice and OpenSesame.
- The learner exists as a user in that IdP.
If you plan to use Quick Launch Links or an integration that requires you to have your own SAML SSO IdP, please confirm that all OpenSesame users and learners within your organization are added as users in your Single Sign-On provider.
OpenSesame can support one IdP per organization. If your organization has more than one:
- Choose one IdP to connect with OpenSesame.
- Ensure that all learners can be added as users in that IdP.
Whichever IdP you use, ask your IT team to confirm that it meets the following requirements:
- It supports SAML 2.0 authentication.
- It supports Service Provider Initiated (SP-initiated) authentication and can disable Identity Provider Initiated (IdP-initiated) authentication per application.
- It can supply the following custom SAML attributes, to be sent in SAML responses:
- A unique and persistent studentID attribute (either an email address or a unique company identifier).
- A combined first and last name attribute (optional; necessary to use the reporting available in OpenSesame).
For a learner to launch OpenSesame courses, the learner must exist as a user in your SAML SSO IdP. Logging in to your IdP is how their access is validated. Without that validation, their OpenSesame courses will not launch.
If you have further questions, our Support team is here to help via email at support@opensesame.com or via live chat and phone. Reach us at (503) 808-1268, ext. 2 (U.S.) or +44 203 744 5541 (Europe).
Comments
0 comments
Article is closed for comments.