What is SSO?
Single Sign-On (SSO) is the ability to log into multiple locations using a single set of secured authentication credentials.
For example, an employee has an email address and password. When they access their account on different websites or apps, they are directed to the same login screen for their organisation, which authenticates their log in and gives them access. This feels seamless for the employee, and is easy to remember.
In this way, an employee does not need to remember different log in information for each account they have. The Organisation can ensure that they have access to all of the locations they need and help them to reset their password, so they retain full control.
Using SSO for your LMS means that Spark is not able to manage password access for your users, and this will need to be supported by your team.
What options are supported on the Spark platform?
SSO can be enabled on individual brands within one LMS instance.
Central Authentication Service (CAS)
This requires several details, including Server URL, Version, Confirmation of Sign-in behaviour and Trainee Identifier details (i.e. email/username).
OpenID Connect
This required Endpoint URL, Client ID, Client Secret and Trainee Identifier (i.e. email/username).
What does it look like?
When SSO is set up for your Spark LMS, the log in option on the Log In homepage will change.
Normally, users would be asked to sign in with their email address and unique password for normal platform authentication, including the ability to use their associated account email address, mobile number, or username (where enabled), and reset their password.
With SSO in place, Users will instead click a button to sign in, and be redirected to the SSO log in page where they can enter their SSO credentials.
Once successfully signed into the SSO, they will be directed back to the Spark LMS and logged into their account, and can proceed as a regular user.