How does an SSO for e-Learning work?
Single sign-on software (SSO for short) allows end users to log in once after which access is automatically granted to multiple applications and resources in the network. When single sign-on is used to link accounts, the end user will only have to remember one password.
Chief Customer Success Officer at FLOWSPARKS
Logging in to different places with 1 profile
Single Sign On (SSO) is a way to have 1 profile, while having the possibility to log in at different places with 1 username and password. An example of a place where your single profile might exist is in the Active Directory of your Microsoft environment. So the Active Directory is a database with persons who each have a profile to which attributes are linked. An example of an attribute is the first name, last name, function group, …. When one speaks of an Azure Active Directory, it simply means that the data of persons resides in the cloud application of Azure. As you already notice, the profile data can come from anywhere
The advantages of single sign-on
With so many different credentials to remember, it’s no surprise that users often resort to using the same password across multiple accounts, creating a significant security risk. This is where single sign-on (SSO) for e-Learning comes in. This comes with a bunch of advantages such as:
- Simplicity for the end user
- The end user is more productive
- Provides the opportunity to tighten the only remaining login procedure and make the network more secure
- It can reduce costs related to managing multiple user accounts and passwords or dealing with password-related help desk calls.
Attributes VS Claims
On a person’s profile in an Active Directory, there are attributes. This is information about that person. This can be a mail address, an ID, what position that person has, …. .
When data is exchanged between two platforms, the attribute exchanged is a claim.
Curious about the possibilities with FLOWSPARKS?
Technologies supported in FLOWSPARKS
Within FLOWSPARKS, we support two techniques as standard:
OAuth (Open Authorization)
You probably recognize it: you want to log in to a website and are given the choice of logging in with an account from another Web site, such as Facebook or Microsoft. Then that other site, for example Facebook, handles authentication. The website you visit logs you in at the time they received permission through Facebook. So Facebook has made a federation with the Web site you want to log in to.
Another example is that when you open your browser and log in to a website, you automatically stay logged in the following times if you open the same website or application through that browser. This is because each time you open your browser, it receives an access token. This access token is only valid for a certain period of time. Within that time you can log in an unlimited number of times. When it expires, you have to log in again.
The underlying technique is OAuth and has the following advantages:
- No login code is used, but an access token is used.
- The token has a limited shelf life; a new token must be requested each time.
- When changing or deleting an account, this takes effect immediately when the token is renewed.
- The token is requested by means of a Client ID, which is issued once.
We deploy this standard in FLOWSPARKS for both SSO via OpenID and SSO via LTI 1.3.
SAML 2.0 (Security Assertion Markup Language)
SAML is a system that helps you access applications you need. It is the link between the identification provider and service provider. As a user, you log in once (SSO) to the identity provider (for example, Azure AD) and then the identity provider can pass all your information to the service provider when you try to access those services. The service provider verifies with the identity provider that you are who you say you are. Both systems communicate with SAML and therefore you, the user, only have to log in once.
In addition, SAML has the following advantages:
- You no longer need to remember multiple usernames and passwords.
- If someone leaves employment and you ensure that the employee can no longer log in to the IT environment within the company, this also applies immediately to all cloud and Web services.
- When people change their password, it also changes in the cloud and web services.
Which standard is better?
All modern Active Directories support both. OpenID is more complex and offers a higher level of security. But SAML is easier to set-up and is often the preferred choice.
Are you looking to implement digital learning within your organization?
Is your organization looking to implement a SaaS learning platform that is conform with the latest security requirements? Request your free demo here to see what FLOWSPARKS can do for you.
.avif)
Are you looking to scale up your digital training efforts
inside your organization?
Schedule a demo and discover how FLOWSPARKS helps create and deliver engaging e-Learning experiences backed by strong instructional design principles in multiple languages without a hassle.
More interesting reads
.avif)
Adaptive learning technology explained: Benefits, examples and the 15 best platforms
How do I create interactive e-learning content? 2025 tips & examples
How to make e-learning interactive: 10 proven ways
Want to know how to make e-learning interactive? Explore 10 practical ways to keep learners engaged and transform training into lasting knowledge.