Single Sign-On Requirements for AccuCampus

Single Sign-On Requirements for AccuCampus

Introduction

The aim of this document is to explain how to integrate your own site or portal with AccuCampus. It also includes usage examples so you can get started faster.

This alternative access method would allow you to integrate AccuCampus into your portal, which supports a single log in into all your online services. This also simplifies account maintenance as users only need to know a single ID and password to log in to all your services.

For this to work, you need to import your users' data into AccuCampus. When the user signs in to your portal, they can click on a link that will take them to the AccuCampus website without having to sign in to AccuCampus. This is possible because your portal link will include a token that identifies your application and an ID that identifies your user.


How does it work?

To understand how the single sign-on authentication process works, let's take a look to the following diagram:

Single sign-on authentication process


Now, a user called ABC is using your web site, and is logged in. You might be using browser cookies or a parameter in the URL to know who is logged in across multiple requests.

When the user wants to access AccuCampus, the first thing he does is to ask your application about it. Your site is configured and can connect to AccuCampus using a public API, so it sends a request to get a new login token for the logged in user. Also in the request, your access key and the ID of the user using your site are sent. Optionally you can specify if the corresponding token should expire when the session is inactive or not (if this parameter is not specified the default account's configuration will be used).

AccuCampus authentication server gets the request and validates both the access key and the user ID; if they are correct a new login token is issued. After that, your site simply builds an URL pointing to AccuCampus web servers, which includes the login token.

For example, if the authentication token returned was:

DD4FE3F9-6128-43ff-A5B1-F35A467FBB82

Then the address where the user has to go will be something like this:

https://accucampus.net/?token=DD4FE3F9-6128-43ff-A5B1-F35A467FBB82

The final step is to redirect the user (client computer) to that address, and AccuCampus will recognize the token sent and let the user access the site.

Additional parameters might be added into the URL to customize the login. A forward (fwd) parameter can be specified; it's used to tell AccuCampus server which page is being requested. For example, you can tell AccuCampus to open the Users List page, reducing the need to click it on the menu.


Security Considerations

All requests between AccuCampus and the users and between AccuCampus and your servers can use HTTP Secure (HTTPS) to protect the data sent across the internet. The access key and the user ID are being protected this way.

The communication between your server and your site users should also use HTTP Secure for additional protection.

Important: Your access key lets you login as any user in AccuCampus without asking for the password. You must keep your access key protected, otherwise your information might be stolen. Reset your keys periodically to mitigate information risks.


ASP.NET example

If your site was built using ASP.NET you can enable your users to login to AccuCampus via single sign-on by creating a new page in your root directory. Download ASP.NET example


PHP example

If your site was built using PHP you can enable your users to login to AccuCampus via single sign-on by creating a new page in your root directory. Download PHP example


Single sign-on is not limited to sites built using ASP.NET or PHP only. These are just examples. You can authenticate your users to our system via single sign-on following the steps above by using any web development language/framework available.

    • Related Articles

    • AccuCampus Reference Guide

      Engineerica Systems, Inc. P.O. Box 677096 Orlando, FL 32765-7096 Phone: (407) 678-0936 Fax: (407) 678-0287 www.engineerica.com Engineerica Systems, Inc. (“Developer”) has made every effort to ensure the accuracy of this document. Developer makes no ...
    • AccuCampus How to create quizzes in the App?

      INTRO Now you can create and play with quizzes in AccuCampus APP for both Android and IOS systems, in this article we describe (with examples) how to create a quiz in AccuCampus, since both versions for Android and IOS are very similar we will be ...
    • How do I set up a sign-in station for courses (Single-Step Kiosk) in AccuCampus?

      This article explains how to create a single-step kiosk (sign-in station) within AccuCampus. A Single-step Kiosk signs the user into a course or seminar based on the schedule of the location.  1. From the Main Sidebar, hover over Center Visits. 2. ...
    • AccuCampus- How do I change Courses in a manually-selected Kiosk?

      INTRO In AccuCampus you can create Kiosks of several types: Use Manually-Selected to select a specific class, course, or seminar, and have multiple attendees sign-in. Single-step Kiosks allow people to sign-in to the Class, Course, or Seminar based ...
    • Module 4 - Sign In Stations in AccuCampus

      Module 4: Sign-In Stations Topic: Sign-In Stations Creating Sign-In Station Installing Sign-in Station How to Sign-in (Kiosk) How to Sign-in (QR/Barcode Scanning) How to Sign-In (Beacon) Who’s In Feature Session Logs Manually Creating Session Log ...