Single Sign-On (SSO) for your academy
With Pluvo, you can easily set up Single Sign-On (SSO) for your academy. Single Sign-On (SSO) means that you have access to various applications or systems using one username and password. So, you don't need to log in again for each separate application. This means that participants can log in with their organizational login credentials and get immediate access to Pluvo!
Note! SSO is only available when you have a Company subscription or higher.
Setting up SSO in Pluvo is straightforward. Go to the 'Administration' tab in your academy, select 'Settings', and then 'SSO & LTI'.
The SSO option we offer is OpenID Connect. This, along with SAML, is the most well-known method to implement Single Sign-on. Click on OpenID connect, and a pop-up window will appear where you can create an OpenID connect.
In this Pop-up window, you can fill in the following fields:
[Name]: Choose the name of the group where users will be placed in Pluvo. This name is only visible to administrators.
[Text on the button login page]: Customize the text on the login button that users see on the Pluvo login page. Choose a name like "Google account" or "SSO-login"
Next, you can copy the “filled in” parameters; you will need these in the other system (for example, Microsoft Azure, or Google Workspace).
Authorized JavaScript sources: https:// yoursubdomain. pluvo.co/
Authorized redirect URIs: https:// yoursubdomain.pluvo.co/oidc/callback/
After copying the parameters, you need to follow some steps in the other system to obtain the required data. Then, these data need to be filled in Pluvo. This ensures that the Single Sign-On (SSO) is correctly implemented.
Click on this article for the steps in Microsoft Azure
Click on this article for the steps in Google Workspace
Click on this article for the steps in Citrix.
You now have all the necessary information to fill in Pluvo:
* OAuth Client id =_
* OAuth Client secret =_
* Authorization endpoint =_
* Token endpoint =_
* User endpoint =_
* Scope = openid email_
* Oidc sign algo = (RS256 or HS256)_
* Oidc op jwks endpoint = (Oidc op jwks endpoint is only necessary for RS256 Oidcsign algo)_
Simply fill in the required fields, click "Save," and switch the slider to "Active".
After that, your users can seamlessly log in via SSO!
Note! SSO is only available when you have a Company subscription or higher.
Setting Up SSO
Setting up SSO in Pluvo is straightforward. Go to the 'Administration' tab in your academy, select 'Settings', and then 'SSO & LTI'.
The SSO option we offer is OpenID Connect. This, along with SAML, is the most well-known method to implement Single Sign-on. Click on OpenID connect, and a pop-up window will appear where you can create an OpenID connect.
In this Pop-up window, you can fill in the following fields:
[Name]: Choose the name of the group where users will be placed in Pluvo. This name is only visible to administrators.
[Text on the button login page]: Customize the text on the login button that users see on the Pluvo login page. Choose a name like "Google account" or "SSO-login"
Parameters
Next, you can copy the “filled in” parameters; you will need these in the other system (for example, Microsoft Azure, or Google Workspace).
Authorized JavaScript sources: https:// yoursubdomain. pluvo.co/
Authorized redirect URIs: https:// yoursubdomain.pluvo.co/oidc/callback/
What Do We Need From You?
After copying the parameters, you need to follow some steps in the other system to obtain the required data. Then, these data need to be filled in Pluvo. This ensures that the Single Sign-On (SSO) is correctly implemented.
Obtaining Data for Fields in Pluvo
Click on this article for the steps in Microsoft Azure
Click on this article for the steps in Google Workspace
Click on this article for the steps in Citrix.
Done!
You now have all the necessary information to fill in Pluvo:
* OAuth Client id =_
* OAuth Client secret =_
* Authorization endpoint =_
* Token endpoint =_
* User endpoint =_
* Scope = openid email_
* Oidc sign algo = (RS256 or HS256)_
* Oidc op jwks endpoint = (Oidc op jwks endpoint is only necessary for RS256 Oidcsign algo)_
Simply fill in the required fields, click "Save," and switch the slider to "Active".
After that, your users can seamlessly log in via SSO!
Updated on: 27/12/2023
Thank you!