Please note: SSO is only available to clients with the GeckoProtect package.
Single sign-on (SSO) is an integral part of modern cloud-based computing. It allows your team to use their University credentials to easily access a wide range of software systems. Happily, Gecko can also be accessed using SSO.
This article will walk you through the benefits of SSO, as well as how you can start implementing it today.
Why use SSO?
We're fast seeing single sign-on (SSO) become an industry standard requirement in Higher Education applications. It's not difficult to see why. Using SSO to manage your Gecko authentication yields some big-time benefits:
New Gecko users no longer have to set and remember a password - they simply log in to your account with their University email address.
When a member of staff leaves your institution, your IT team will deactivate their University account. With SSO enabled, this will automatically rescind the ex-staff members access to your Gecko account, meaning that your data remains secure.
You control how secure your passwords are. As your Institution password rules are governed by your IT team, you can be safe in the knowledge that your Gecko account is as protected as any other.
In short, SSO ensures your account is safer and easier to manage.
How to set up SSO
Though we recommend reaching out to the support team, you can expedite implementation by coming armed with the following information:
Information to give your IT Team
To begin with, your IT team will need the following details to configure your Identity Provider (sometimes know as your IdP):
- SAML Consumer URL: (account-cognito.geckoengage.com)
- SAML Audience: (urn:amazon:cognito:sp:eu-west-1_TIMcKUTug)
- Required Parameters:
* First Name
* Last Name
Once that's done, Gecko will require the following information from your IT team to set things up:
Information to give to Gecko
- Metadata / SAML XML document
- Attribute mappings (how these are named in your institution's IdP)
- Required Domains (please confirm you have authority over the entire domain)
-Should IdP Sign-out flow be turned on/off?
Any questions? Feel free to start a live chat with a member of our support team or explore the rest of our academy at your leisure.