Hybrid SSO Procedure

The process described involves the configuration and management of SSO (Single Sign-On), with particular attention to the hybrid SSO mode for a company. Below you will find a summary of the necessary steps, with key notes to better manage the activation and import of the user list:

For details on the standard SSO procedure, please refer to the dedicated section.

NB. If a company transitions from normal mode to standard SSO the SSO authentication method will be automatically set for all users.

Once the standard SSO is configured, the hybrid SSO option is activated. This mode allows managing users with different authentication methods, specifying who should access via credentials and who via SSO.

During the user list upload, it is necessary to add a column named authmode. This column identifies the authentication method for each user:

• 0: access via credentials.

• 1: access via SSO (SAML).

Important note (if the company is live): If the company has already activated standard SSO and previously uploaded a user list, it is necessary to update this list by specifying the respective authentication method for each user.

During the user list import phase, it is necessary to correctly map the authmode field to ensure that the system understands which authentication mode to assign to each user.

When adding new users via the interface, it is possible to select the authentication method in the management menu, where the options are:

• DEFAULT (for access via credentials),

• SAML (for access via SSO).

During the go-live phase, it is possible to enable the "first content" student caring for the company. If this option is active, for users with authmode = 0, access credentials will be sent, while for SSO users, only the SSO access button will be displayed.