Certiverse SSO Implementation

Certiverse SSO Integrations


    Overview 

    Certiverse SSO integrations allow Organizations to use Enterprise Identity Providers to authenticate users (including candidates, subject matter experts, and organization administrators) and seamlessly create Certiverse accounts.

    User Flows 

    Organizations that implement SSO will have two options that can be configured for the SSO flow in the Certiverse platform. All SSO implementations will include the ability for authenticated users to be passed to a Certiverse SSO log-in URL specific to their organization. The user will log in to the Organization's identity provider, if not already logged in, and will then be automatically logged in to their Certiverse user account, which will seamlessly be created if necessary.

    In addition, there is an optional configuration to allow users to select the Organization’s SSO from the Certiverse log-in screen. This configuration supports the flow of users coming directly to Certiverse and using the organization's identity provider to authenticate the user. 

    Multiple SSO Configurations 

    Some organizations have more than one identity provider, for example one for employees and one for external users. Both can be configured for their Organization in Certiverse, and an identity-provider-specific URL can be used to control which SSO configuration is used to log in the user. If there is more than one SSO configuration and the general Organization SSO log-in URL is used, or the SSO log-in is initiated from the Certiverse log-in screen, the user will need to select which of the Organization’s SSO configurations to use.

    Requiring SSO to Book Exams 

    Most organizations that use SSO want to require their candidates to use the SSO log-in to book an exam, rather than an account they create in Certiverse. Toggling on "Require SSO Log-In to Book an Exam" will require candidates to log in using SSO before they can book and then take an exam. Turning this toggle off will allow a user who creates an account in Certiverse, and logs in without SSO, to book your exams.

    Organization/Partner Web Site to Certiverse SSO Flow 

    The flow for the SSO integration from an Organization/Partner web site to the Certiverse platform is described below in the numbered list of steps. 

    1. The user follows a hyperlink on the Organization/Partner web site to an organization-specific URL in the Certiverse Platform for SSO authentication.
      • The Certiverse deep-link landing page URL will support optional query string parameters for redirecting users to certain functions within the application.
      • Example:
      • Certiverse SSO Deep Link URL if you have more than one SSO Connection and want to specify which connection will be used
      • Optional query string parameters
        • Value: redirectURL
          • Takes the user to a URL within the Certiverse platform
          • URL paths can change; the organization assumes the risk of changes to the URL path and is responsible for updating the path in their system when necessary
    2. Certiverse will make a request to the identity provider.
      • Certiverse will make a request to a dedicated Auth0 Connection configured to talk to the Organization/Partner identity provider
      • Certiverse will receive a response from the identity provider
    3. The user is redirected.
      • If a redirect was included as a query string in step 1, the candidate will be redirected to the supported area, such as booking an exam or the candidate dashboard for previously scheduled exams.
      • If a redirect was not included as a query string in step 1, the candidate will be redirected to the Certiverse home page.
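
    The sketch below is an added example, not Certiverse code: one way an organization could generate the step 1 link so that redirectURL is always URL-encoded, always points inside the platform, and is drawn from a single maintained list that can be updated when paths change. The base URL and the paths are placeholders, and passing redirectURL as a path (rather than a full URL) is an assumption.

```python
from typing import Optional
from urllib.parse import urlencode, urlsplit

# Placeholders (assumptions): the page does not show the real deep-link URL or
# any platform paths. Substitute the values Certiverse provides for your org.
SSO_BASE = "https://certiverse.example/sso/ORG-PLACEHOLDER"
# Single place to update when a platform path changes.
KNOWN_PATHS = {"/booking-placeholder", "/dashboard-placeholder"}


def is_platform_path(value: str) -> bool:
    """True only for an absolute path that cannot point at another host."""
    if not value.startswith("/") or value.startswith("//"):
        return False  # relative path, or scheme-relative form (//host/...)
    if "\\" in value or any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return False  # backslashes and control characters confuse URL parsers
    parts = urlsplit(value)
    return not parts.scheme and not parts.netloc


def build_sso_link(redirect_path: Optional[str] = None, base: str = SSO_BASE) -> str:
    """Return the SSO deep link, adding redirectURL only for a vetted path."""
    if redirect_path is None:
        return base  # no redirect: the user lands on the home page (step 3)
    if not is_platform_path(redirect_path):
        raise ValueError(f"not an in-platform path: {redirect_path!r}")
    if urlsplit(redirect_path).path not in KNOWN_PATHS:
        raise ValueError(f"path is not in the maintained list: {redirect_path!r}")
    # urlencode percent-encodes "/", "?" and "=" so a query string inside the
    # redirect target cannot be read as a parameter of the deep link itself.
    return f"{base}?{urlencode({'redirectURL': redirect_path})}"


if __name__ == "__main__":
    print(build_sso_link())
    print(build_sso_link("/booking-placeholder"))
```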

Enterprise Identity Provider Support 

Certiverse can support numerous Enterprise Identity Providers with our existing implementation, although each Enterprise Identity Provider does require configuration and testing. The list below includes the Enterprise Identity Providers Certiverse will support. 

Initial Support 

  • OpenID Connect 
  • SAML 

Roadmap for Support 

  • Active Directory/LDAP 
  • ADFS 
  • Azure Active Directory Native 
  • Google Workspace 
  • OKTA 
  • PingFederate 
  • Azure Active Directory 

Enterprise Identity Provider Configuration 

OpenID Connect

SAML 

Note: Identity Provider Configuration will need to be done for both UAT and Production environments. 

 

 

Contact Us

If you have any questions or need additional assistance, please contact us by either emailing support@certiverse.com or by submitting a ticket from this article.