Single Sign On with TutorCruncher
What is Single Sign On?
Single sign on allows our users to log in to other systems using TutorCruncher. An example of this would be signing into other applications using your Google or Facebook credentials.
In our case, you can set a link from TutorCruncher to another system accessible from the menu, which passes arguments to the other system containing the users information. A working example of this is available at the link below.
How do I set up SSO in TutorCruncher?
Before you start you will need to make sure the system you want to allow SSO with works with TutorCruncher.
Go to System > Settings > Single Sign-on > View existing SSO, and click 'Add SSO Config'. On the next form you have a set of fields that must be filled in:
- Name: The name of the system you wish to allow SSO to.
- Permitted Roles: The roles you want to be allowed to access the system. In this case, contractor = tutor and servicerecipient = student.
- URL: The address users sign in from TutorCruncher with. You will need to check with the system provider for this.
- Key: Unless you have been told otherwise, leave this blank and TutorCruncher will generate one for you.
- Launch Icon: You can use any of the icons from here.
- Launch from menu: Whether your users can access the link from the main menu.
- Menu display name: The name you want to display to your users.
- Launch from Lesson: Whether your users can access the link from a lesson.
- Lessons display name: The name you want to display to your users.
TutorCruncher supplies the following variables in SSO tokens:
||id of the user, unique for each user|
||first and last name of the user|
||role type, Administrator, Contractor (eg. tutor) or ServiceRecipient (eg. student)|
||unix timestamp when the user clicked the link, aka "now"|
||the user's timezone name, this maybe null if no user or branch timezone is configured <|
||branch id, the id of the branch the user clicked the link from, generally there's one branch per company but there can be more|
||appointment(lesson) id, unique for each appointment (only available when the SSO link was followed from an appointment)|
||name or topic of the appointment (only available when the SSO link was followed from an appointment)|
||unix timestamp for the start datetime of the appointment (only available when the SSO link was followed from an appointment)|
||unix timestamp for the finish datetime of the appointment (only available when the SSO link was followed from an appointment)|
< timezones are provided as ISO timezone names eg.
America/New_York, see the "YZ" column