Setting up Login/Single-Sign-On (SSO) for your Account

Intellum provides multiple authentication options for your account. In addition to simple login configuration options (Password, Facebook and Google authentication), we provide SSO configurations (OpenID Connect, OAuth 2.0 and SAML) which allow direct connection between your company portal or internal website.

 

Simple Login Configurations

 

Password Login

A simple username and password option, which is the default login configuration used for accounts.

Facebook Login

Authentication via Facebook’s login widget. When this option is used, users will encounter a login widget that leverages the user’s Facebook profile.

Google Login

Authentication via Google’s login widget. When this option is used, users will encounter a login widget that leverages the user’s Google profile. Contact your implementation or account manager and they will enable this for your site. Settings you should update are:

  • In Account Settings, select “Require logins to use SSL (HTTPS) connection” for SSL Login
  • If you want to restrict your login to any specific email domains provide those to your implementation/account manager
  • If you want to enable this authentication only for specific branding organizations on your site, provide those to your implementation/account manager

Finally, you may define the lookup attribute as either the UID or Email field of the user account.



SSO Configurations

 

OAuth 2.0

OAuth 2.0 is an authorization framework that works by delegating user authentication to the service that hosts the user account and authoring third-party applications to access the user account. Ideally, if you’d like to use OAuth 2.0, just provide your account manager with your OAuth 2.0 details  or work with them to implement this particular solution.

OpenID Connect

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. If you want your users to access the Exceed LMS via OpenID Connect, please contact your implementation or account manager and they will help you enable this for your site.

SAML 2.0

SAML is an XML standard for exchanging authentication and authorization data between security domains. If you are using SAML for your SSO integration, your account manager or implementation specialist will assist you in the process of “trading metadata” which allows the SAML process to successfully work. This is a two-step process:

  1. The Exceed SP metadata file can be received at the following link: https://YOURSUBDOMAIN*.exceedlms.com/authentication/saml/sp
  2. Intellum will need either a link to your IdP Metadata endpoint or a text copy of your IdP Metadata XML file.

The unique identifier for the employee should be in the NameID element of the SAML response, as per the standard.

Once you’ve posted a response to the staging environment Intellum will check the logs and test it with our parser to confirm it works with your configuration. Your implementation or account manager will work with you to coordinate this.

 

* - YOURSUBDOMAIN is the site name created for your organization

 

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.