Single Sign-On (SSO) via SAML

QuickSchools uses the Single Assertion Mark-Up Language (SAML) to implement Single Sign-On (SSO) with external systems. You will need an Identity Provider (IDP) like Microsoft Azure or Active Directory to manage logins from multiple Service Providers like QuickSchools. For more information on SAML, check out this article:

https://www.varonis.com/blog/what-is-saml/

This app is currently in Private Beta, and is not yet available on the QuickSchools App Store. This app is only available by request. Please contact our support team, if you would like to try out this feature.

Requirements

This app requires that your QuickSchools account be configured with District (or Group School) Settings. If you have multiple sites linked as a group, the IDP will be managed centrally by the main account in your group.

Installation and Set-Up

After installing the app, the configuration is in 2 parts:

  • Copy the configuration from the IDP into QuickSchools
  • Copy the QuickSchools SAML Configuration to the IDP

You’ll need to configure the IDP settings in QuickSchools. If you have the “Federation Metadata XML” file from your IDP, you can use the “Upload IDP Metadata” button to upload the configuration. Be sure to select the correct SSO type as well:

Once the IDP has been configured in QuickSchools, you’ll need to configure your IDP with the configuration info from QuickSchools: 

If your IDP has the ability to upload a metadata file, you can generate the corresponding metadata file in QuickSchools using the “View metadata.xml” button.

There are slight differences between the various IDPs that area available. For example, Google SAML does not require SLO, but Microsoft Azure does provide a Logout URL.

How it works

Once your IDP has been connected with QuickSchools as a Service Provider, you can then manage your users from your IDP and give them access to QuickSchools as Service Provider. 

So for example, in Microsoft Azure, users can access the My Apps page, which will show all apps connected to your login connected to Microsoft Azure. The name and logo of the app depends on how you’ve configured it.

2 thoughts on “Single Sign-On (SSO) via SAML

Leave a Reply