What is Single Sign-On (SSO) in openSIS?

What is Single Sign-On (SSO) in openSIS?

Description

Single Sign-On (SSO) enables users to securely access openSIS using their existing organizational credentials without maintaining a separate username and password for the application. Instead of authenticating directly with openSIS, users sign in through a trusted identity provider such as Microsoft Entra ID (formerly Azure Active Directory) or Google Workspace.

SSO simplifies the login experience, improves security, and helps institutions centrally manage user authentication and access policies.


Benefits of Using SSO

Implementing Single Sign-On in openSIS provides several advantages:

  • Simplified User Experience – Users sign in with the same credentials they already use within their organization.
  • Improved Security – Authentication is handled by a trusted identity provider that can enforce security policies such as Multi-Factor Authentication (MFA) and Conditional Access.
  • Reduced Password Management – Eliminates the need for users to remember separate openSIS passwords.
  • Centralized User Management – User accounts and access can be managed from the organization's identity provider.
  • Faster Onboarding and Offboarding – Grant or revoke access by managing users in the identity provider.

Supported Identity Providers

openSIS supports integration with popular identity providers, including:

  • Microsoft Entra ID (Office 365 / Azure Active Directory)
  • Google Workspace

Each provider requires its own configuration and credentials before users can authenticate using SSO.


How SSO Works

The authentication process follows these general steps:

  1. A user selects the Single Sign-On option on the openSIS login page.
  2. The user is redirected to the configured identity provider.
  3. The identity provider verifies the user's credentials.
  4. After successful authentication, the user is securely redirected back to openSIS.
  5. openSIS grants access based on the authenticated user account and assigned permissions.

This process allows users to authenticate without creating or managing a separate openSIS password.


Before You Configure SSO

Before enabling Single Sign-On, ensure that:

  • An identity provider has been configured for your organization.
  • Administrative access is available to the identity provider.
  • Required application credentials, such as Client ID, Client Secret, and Redirect URI (depending on the provider), have been obtained.
  • User accounts in the identity provider correspond to users in openSIS.

Notes

  • SSO configuration should be performed by an administrator with access to both openSIS and the identity provider.
  • Users must exist in both the identity provider and openSIS to successfully sign in.
  • Authentication policies such as Multi-Factor Authentication (MFA) are managed by the identity provider.

Expected Outcome

Administrators understand the purpose of Single Sign-On, its benefits, and how it integrates with openSIS before proceeding with provider-specific configuration.

    • Related Articles

    • How to Configure Office 365 SSO Login in openSIS

      Overview Microsoft Office 365-based Single Sign-On (SSO) is now available in openSIS. This guide will help you set up and enable SSO so that users can log in with their Microsoft credentials. Step 1: Register Your App in Microsoft Azure Go to the ...
    • How to Integrate Google SSO with openSIS

      Introduction Google Single Sign-On (SSO) allows users to securely access openSIS using their Google account credentials. This not only enhances security but also simplifies the login experience for students, teachers, and administrators. This guide ...
    • Google Classroom Integration Settings in openSIS

      Overview openSIS allows administrators to integrate Google Classroom with their openSIS instance, enabling seamless synchronization between the Student Information System (SIS) and Google Classroom. This article provides step-by-step instructions for ...
    • Managing Login Failure Allowance and User Inactivity Settings in openSIS

      Overview The Preference settings in openSIS allow administrators to configure basic account security and inactivity controls for users within the institution. These settings help improve system security by controlling: Failed login attempt limits ...
    • Moodle Integration Settings in openSIS

      To start using the bi-directional integration feature of openSIS and Moodle, you have to set it up first. Navigate to LMS > LMS Settings or Settings > Learning Management System > LMS Settings The first thing you will notice is this information bar. ...