Note: These requirements are for OpenSesame integrations and content launch types that use SAML SSO. For the other SSO options—marketplace or CourseCloud login—see OpenSesame's single sign-on (SSO) options.
Some OpenSesame integrations and launch methods use SAML single sign-on (SSO) to validate access, which means that a learner cannot successfully launch OpenSesame courses until:
- A SAML SSO connection exists between one SAML SSO identity provider (IdP) of your choice and OpenSesame.
- The learner exists as a user in that IdP.
If you plan to use Quick Launch Links or an integration that requires you to have your own SAML SSO IdP, please confirm that all OpenSesame users and learners within your organization are added as users in your single sign-on provider.
OpenSesame can support one IdP per organization. If your organization has more than one:
- Choose one IdP to connect with OpenSesame.
- Ensure that all learners can be added as users in that IdP.
Whichever IdP you use, ask your IT team to confirm that it meets the following requirements:
- It supports SAML 2.0 authentication.
- It supports Service Provider Initiated (SP-initiated) authentication and can disable Identity Provider Initiated (IdP-initiated) authentication per application.
- It can supply the following custom SAML attributes, to be sent in SAML responses:
- A unique and persistent studentID attribute (either an email address or a unique company identifier).
- A combined first and last name attribute (optional; necessary to use the reporting available in OpenSesame).
For a learner to launch OpenSesame courses, the learner must exist as a user in your SAML SSO IdP. Logging in to your IdP is how their access is validated. Without that validation, their OpenSesame courses will not launch.
For help, contact OpenSesame Support at support@opensesame.com, use live chat, or call (503) 808-1268, ext. 2 (U.S.) or +44 203 744 5541 (Europe).
Comments
0 comments
Article is closed for comments.