This is an overview of steps required to set up SAML SSO to support teacher and student login.
Please provide us with a URL to your metadata. If you work with ClassLink, this will typically look similar to:
https://idp.classlink.com/sso/metadata/abcd1234youruniqueId
This is often the same as your SAML metadata URL, but it can be any value you wish to specify that your SAML system uses. The Partner IdP is generally specified in your metadata and you won’t need to provide it to us separately.
You will need our SAML metadata to configure your system. The URL is: https://www.teachtown.com/saml/metadata
You will need to receive from us a Login URL in order for your system to begin an SP-initiated SAML request to our system. This URL will look similar to:
https://www.teachtown.com/SAML/SSOLogin/your-unique-Id
Your SAML request must contain the attributes below. These attributes can be configured to be named however you wish. The names shown below are the most commonly used. NOTE: If we are also configuring our system to receive a OneRoster file from you, then please see our TeachTown OneRoster Integration Guideline document for reference.
Attribute: nameID
This value must be a unique identifier for the user, whether it is a teacher, student, or administrator. To allow SAML to work with OneRoster, the provided nameID must match the sourcedId and/or username field from your OneRoster file.
Attribute: role
Must be one of ‘teacher’, ‘student’, or ‘admin’.
Attribute: givenname
First name of user.
Attribute: sn
Last name of user.
Attribute: mail
Email of user. This is ignored for students.
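The attribute rules above can be checked on a test login before go-live. The following is an added example, not TeachTown's code: it reads a decoded assertion from your own IdP and reports missing or invalid values. Assumptions: nameID is carried in the Subject NameID element, attributes use the common names listed above, role matching is exact, mail is not required for students, and `check_assertion`, `extract_fields` and the sample XML are hypothetical names and constructed data; it performs no signature validation.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ALLOWED_ROLES = {"teacher", "student", "admin"}

# Constructed sample assertion (unsigned, trimmed to the parts checked here).
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>stu-001</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="role"><saml:AttributeValue>student</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="givenname"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="sn"><saml:AttributeValue>Lovelace</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def extract_fields(assertion_xml):
    """Return {name: first value} for the Subject NameID and every Attribute."""
    root = ET.fromstring(assertion_xml)
    fields = {}
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is not None and name_id.text:
        fields["nameID"] = name_id.text.strip()
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        value = attr.find("saml:AttributeValue", NS)
        if value is not None and value.text:
            fields.setdefault(attr.get("Name"), value.text.strip())
    return fields

def check_assertion(assertion_xml, roster_ids):
    """Return a list of problems; an empty list means the mapping looks right."""
    f = extract_fields(assertion_xml)
    problems = [f"missing {n}" for n in ("nameID", "role", "givenname", "sn") if n not in f]
    role = f.get("role")
    if role is not None and role not in ALLOWED_ROLES:
        problems.append(f"role '{role}' is not teacher, student, or admin")
    # Assumption: mail is ignored for students, so require it only for other roles.
    if role in ALLOWED_ROLES - {"student"} and "mail" not in f:
        problems.append("missing mail")
    # roster_ids: sourcedId/username values taken from your OneRoster file.
    if "nameID" in f and f["nameID"] not in roster_ids:
        problems.append("nameID not found among OneRoster sourcedId/username values")
    return problems

if __name__ == "__main__":
    print(check_assertion(SAMPLE_ASSERTION, {"stu-001", "tch-007"}) or "OK")
```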