You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
You are viewing the article in preview mode. It is not live at the moment.
Home > Support Center > SIS Integration > Connecting SIRAS to SSO
Connecting SIRAS to SSO
print icon

Single sign on (SSO) can be connected to SIRAS user logins via a Google, OneLogin, or other SSO workspace with the following procedure:


1.  In the SSO Provider Workspace (Google workspace admin), a new SIRAS "app" will need to be created.  (Add App > Add custom SAML app)

    Parameters for the app should be setup initially to connect to the Training Server URL for testing purposes.  Once testing is complete we will reconfigure this for production.

 

Substitute the appropriate URL below.

 

  • VCOE Siras -  Training:  https://sirastraining.vcoe.org - Production:  https://siras.vcoe.org
  • Kern Siras - Training:  https://training.siras-kern.org - Production:  https://siras-kern.org
  • Main (all other SELPAs) Siras: Training:  https://training.sirassystems.org - Production:  https://sirassystems.org


EntityID

https://training.sirassystems.org/sso/metadata.jsf


Login URL / ACS URL / Recipient

https://training.sirassystems.org/sso/acs.jsf


Logout URL

https://training.sirassystems.org/sso/logout.jsf

 

2.  A button for this "app" should be added to the SSO Workspace, which will connect users to the SIRAS URL with the correct parameters needed for SSO.  Users will need to access this button via the workspace or other district-provided area.  Siras does not provide a a "Login with SELPA/district X SSO" login page or button, due to the requirement to support many different providers and workspaces.


3.  SIRAS needs to be configured with these parameters:

 

  • EntityID URL  (e.g. https://accounts.google.com/o/saml2?idpid=1234)
  • Single Sign On Service URL (e.g. same as above)
  • X509 Certificate (this is a encrypted certificate key file which, usually .pem, which SIRAS will use to trust the SSO provider)
  • Domain name


4.  Limiting password access option.  If desired we can then disable password-based access to SIRAS for the district, requiring the use of SSO instead.

 

 

Requirements:

  • SIRAS User must have the same Email address as the Google/365/Onelogin account.
  • All email addresses must belong to the domain which we have configured to correspond to the credentials.  (e.g. "@sirassystems.com")

 

Feedback
0 out of 0 found this helpful

scroll to top icon