Introduction
Single sign-on (SSO) provides a streamlined approach for your learners, allowing them to utilize their current organizational credentials, such as their username and password, to access your version of Genius CE or Enterprise. This means that once they log in using their organizational credentials, they won’t need to repeatedly enter their usernames and passwords to access Genius CE or Enterprise. This not only simplifies the login process but also enhances user experience as learners can focus on their learning activities without the hassle of multiple logins.
Moreover, Genius CE or Enterprise also offers the capability to capture user information and onboard new learners into your educational initiative. These new users are typically not registered within your organization’s SSO system, meaning they will authenticate directly against the Genius CE or Enterprise database. This flexibility allows organizations to expand their learning programs without being constrained by existing SSO frameworks.
Authentication Methods Available in Genius CE & Enterprise
Users typically have two primary methods for authenticating in Genius+: they can either utilize a Single Sign-On Service or authenticate directly by verifying their credentials against the Genius+ database. Below, we provide a detailed explanation of how these authentication methods function:
Single Sign-On Services:
Authenticating against an Active Directory server is generally a straightforward process. Genius+ requires only read access to your organization’s Active Directory server. When Genius+ identifies new users within this server, it will automatically create their accounts in Genius+. As soon as these users enroll in their first course, they will also be registered in the Learning Management System (LMS). From that point onward, learners have the flexibility to log in either through your LMS or directly via Genius+, depending on how the system has been configured for your organization.
NOTE: If your organization is using a Blackboard LMS, it is common for learners and users to log in through the Blackboard site, thereby gaining access to Genius+ through that platform.
Suppose your organization opts to authenticate learners via a SAML server. In that case, a nightly process typically sends a file via SFTP to Genius+, containing the details of any new accounts established in the SAML server. This method is the preferred way to ensure that Genius+ remains synchronized with the user accounts created in your SAML server.
In cases where this nightly file transfer is not feasible, accounts will be created at the LMS level. Genius+ will then detect and make these new accounts in its database through a process that runs every few hours. Consequently, learners attempting to log into Genius+ will be authenticated against the existing Genius+ database.
When your instance of Genius+ is integrated with a Learning Management System (LMS), an SSO integration is typically established between the two systems. This means that when users log into the LMS, they are automatically authenticated in Genius+ as well, eliminating the need for them to enter additional login information or passwords.
The final method through which users can authenticate to access Genius+ is through “direct-database” authentication. This method is typically used when a user creates their account directly within Genius+. In this scenario, their credentials are not validated or retrieved from any external systems; instead, they are authenticated solely within the Genius+ database itself.
Comments
0 comments
Please sign in to leave a comment.