Depending on your needs, several authentication options are possible:
no need in terms of SSO = classic authentication
need an SSO = CAS or SAML authentication
First, here's how to access these several authentication options (click on the image to access the tutorial):
No need in terms of SSO = classic authentication
The classic authentication is, as its name indicates, the authentication that is found on most sites. You connect with your email address and password.
For this type of authentication, you must log in each time you want to access your training portal (unless you saved the password as allowed by some browsers).
Need an SSO = CAS or SAML authentication
An SSO (or Single Sign On) allows the user to connect with a single identifier to various applications. Once connected to the SSO service, the service tells each application that the user is already authenticated. This avoids having to connect to each application.
In short, setting up an SSO means we want that a user connects only to one system (the company's HRIS), and from there he can access other platforms (eg Dokeos) without having to reconnect with a login and password.
To set up the SSO between 2 systems, there are several exchange languages possible: CAS and SAML are 2 examples. They define the rules of language between the 2 systems (HRIS and Dokeos for example) so they can communicate and set up the SSO.
And the HRIS in all that?
The HRIS (Human Resources Information System) is a system managing a set of software and allowing to automate tasks related to the management of human resources and to ensure a follow-up (collect data, etc.).
These softwares can be of several kinds: administrative management of the personnel, LMS, payroll management, etc.
The CAS authentication (Central Authentication Service)
To enable CAS authentication:
select the activation button
enter the basic url for CAS authentication that will make Dokeos go to the internal system of the customer (allowing Dokeos to check that the learner, that tries to connect, exists at the customer)
Three values are requested to the HR system by Dokeos when a user logs in: his first name (fn), his last name (ln) and his email (email). The goal is to confirm that the user comes indeed from the customer.
Here's an example of response sent to Dokeos if a person tries to connect to the Dokeos software:
If Dokeos finds this user in the list of registered users, then he will be able to connect.
If Dokeos does not find this user in the list of registered users, it will create it in the Dokeos software and he will be able to connect anyway (because he is present in the HR system database).
The SAML authentication (Security Assertion Markup Language)
To enable SAML authentication:
select the activation button
enter the basic url for SAML authentication that will make Dokeos go to the internal system of the customer (allowing Dokeos to check that the learner, that tries to connect, exists at the customer)
provide the SSL certificate (used for secure data transfer and connection information such as user names and passwords)
Three values are requested to the HR system by Dokeos when a user logs in: his first name (first_name), his last name (last_name) and his email (email). The goal is to confirm that the user comes indeed from the customer.
Here is part of an example of response sent to Dokeos if a person tries to connect to the Dokeos software:
If Dokeos finds this user in the list of registered users, then he will be able to connect.
If Dokeos does not find this user in the list of registered users, it will create it in the Dokeos software and he will be able to connect anyway (because he is present in the HR system database).
For more information about the authentication options, do not hesitate to contact us.