Overview
This document will describe how you can set up Shibboleth Single Sign-On (SSO) functionality to be used on Unitu so that users can use their university accounts to access Unitu.
Unitu is an officially registered SP (Service Provider) with the Jisc Federation for Shibboleth SSO. More details can be found here.
Benefits of SSO
Convenience for the students
Making the platform readily available by allowing users to have the same account credentials for both their university account and Unitu account will, we believe, vastly improve user experience and hence the engagement on the platform.
Method
To enable Shibboleth SSO on Unitu it is a two-step bilateral process
Step 1: Registration
- We need to register your IDP (Identity Provider) service’s XML details on to our platform
- You can send this to us directly
- Or you can provide the entity ID and we search for it in Jisc Federation’s MDQ service
- You need to register us as an SP (Service Provider) on your IDP
- Our XML data is available here: Unitu XML
- Alternatively, you can use the Jisc Federation’s MDQ service – our entity id is: “http://unitu.io/docs”
Step 2: End-to-End Test
- We need to test the connection on our test environment before we release it to our production environment
- For this we ask for you to provide us with a small number of test accounts (one for student and one for staff)
- You need to expose the email attribute in your SSO response
- We will need to know the attribute id to search for the email to match the account to the user on our side after successful login
- We will need to know the attribute id to search for the email to match the account to the user on our side after successful login
Common Error Troubleshooting
User not found
Please make sure that the email that you signed in with is the email that is registered with your account on Unitu.