SSO with edudip: Easy and Secure Login

What is SSO?

SSO stands for “Single Sign-On” and allows you to log in to multiple applications with just one set of credentials. With edudip, SSO enables you to use your existing login information (Google Workspace or Microsoft Entra) to access your edudip account. This eliminates the need to remember an additional password, enhancing security: fewer passwords mean a reduced risk of password theft.

How to Activate SSO in edudip

  1. Log in to your edudip account.
  2. Navigate to your profile settings.
  3. Select the “Login & Security” tab on the right-hand menu.
  4. Click on “Connect”.
  5. Choose your preferred identity provider (Google or Microsoft).
  6. Follow the on-screen instructions to complete the connection.

After setup, your employees can log in directly via SSO. You can enforce SSO login if you don’t want your employees to have the option of using a password to log in.

After your employees log in for the first time, you may need to adjust the desired permissions in the team management, as each team member starts without additional permissions.

After setting up the SSO provider, you will see an “SSO Accounts” section under “Login & Security”. This section pertains to the currently logged-in user.

SSO Registration for Webinars in edudip: Easy Setup with Your Own Provider

edudip allows you to enable registration for your participants through your own Single Sign-On (SSO) system. This means your participants can log in with their existing credentials, simplifying access to your webinars and online courses.

Prerequisites

  • You need an OIDC (OpenID Connect) provider that manages the authentication of your users.
  • You need administrator rights in your edudip access.

Configuration in edudip

  1. Navigate to the SSO settings:
    • Log in to your edudip access.
    • Go to “Settings” → “SSO Settings for the Organization” → “SSO Registration for Webinars”.
    • Click “+ Connect”.
    • Click “Configure Your Own Provider”.
  2. Fill out the form:
    • Name: Enter the display name to be shown on the landing page and dashboard.
    • Base URL: Enter the base URL of your OIDC provider. Important: Omit the suffix /.well-known/openid-configuration.
      • Example: https://your-oidc-provider.com
    • Client ID: You set this ID when creating a new application in your OIDC provider.
    • Client Secret: This secret is automatically generated when you create the application in your OIDC provider.
  3. Role assignment via the OIDC provider:
    • You can directly set the role of a participant (moderator or participant) via your OIDC provider:
    • In your OIDC provider’s application, create a claim named edudip_role.
    • Set the value of this claim to:
      • moderator for moderators.
      • participant for participants.

Configuration in the OIDC Provider

  1. Create a new application:
    • Create a new application for edudip in your OIDC provider.
    • Set the Client ID and note it down.
    • Note down the Client Secret.
  2. Create a role claim:
    • Create a claim named edudip_role.
    • Set the value of the claim according to the user’s role (moderator or participant).

Usage Without an edudip Landing Page via the edudip API

For seamless integration without the edudip landing page, you can use the edudip API. You will need the following information:

  • Your edudip organization ID (clientid)
  • The ID of your OIDC provider for participants
  • You can find the endpoint to query the configured SSO providers here: https://docs.api.edudip.com/#tag/SSOOIDC/operation/getSSOProviders
  • Once you have all the necessary information, you can start the OIDC authentication flow for a participant via the following endpoint: https://docs.api.edudip.com/#tag/SSOOIDC/operation/perpareParticipantSSORegistration
  • Participants are automatically redirected to the edudip room after successful authentication against your OIDC provider.
  • Note on series appointments: In the case of a webinar with series appointments, the participant is automatically registered for all appointments in the series.
  • After successful transmission, the participant is automatically redirected to your provider and goes through your provider’s OIDC flow.