Special Programs Single Sign-on with PowerSchool SIS as IdP
Special Programs supports single sign-on (SSO) authentication for administrative users using PowerSchool SIS. When users are signed into PowerSchool SIS, they can navigate to Special Programs from the Applications tray.
The User OpenID[Admin] and User Open ID[Teacher] fields are used to link the Special Programs user to the PowerSchool SIS user. These values are populated by the integration between the products.
This documentation describes functionality that will be released with Special Programs 20.11.
Prerequisites
- PowerSchool SIS v20.4.0.0 or higher.
- Special Programs version 20.11 or higher.
PowerSchool SIS and Special Programs are integrated. As part of the integration, the Special Programs plugin has been installed in PowerSchool SIS and the data from SIS has been populated to Special Programs.
Set up Single Sign-On
This procedure is an overview of the steps involved in setting up single sign-on.
- Log in as a system administrator, and then select Administration > Configuration.
- Click the Integration tab, and then click Single Sign-On.
- Click Add Mapping and select PowerSchool SIS as the external identity provider.
Frequently Asked Questions
When a user logs out, are they logged out of the identity provider?
Single sign-out is not supported at this time. Users are not signed out of the identity provider or other PowerSchool products when they sign out. Refer users to the appropriate location to sign out of the identity provider.
Which SSO field is used in Staff Security Settings?
The Staff Security Settings page (Administration > Security > Staff Security Groups tab > Security Settings option) has two fields to configure the SSO field to use for staff IDs.
- The OpenID Connect SSO Staff ID Field specifies the field to use for single sign-on with PowerSchool SIS as the identity provider with OIDC.
- The External SSO Staff ID field is used if your district uses an external third party identity provider, such as Google or Microsoft.
When the mapping for single sign-on is set up to use PowerSchool SIS, the OpenID Connect SSO Staff ID field is automatically set to User OpenID.
Why does Manage User SSO ID show Not Set for the User SSO ID field?
The User SSO ID field displayed in Manage User SSO ID is used if your district uses an external third party identity provider, such as Google or Microsoft. It will not be populated if the district uses PowerSchool SIS as the identity provider.