My Profile
Sign Out
Tickets
Knowledge Base
Login
Articles in this section
Category / Section
  2. Apps & Integrations

How to Sign-in/Register Users from your Website Using HTTP Single Sign-On (SSO)

Published:
2 mins read

Enable your website users to register or log in once and effortlessly navigate across BrainCert's Enterprise LMS without needing to log in again. Single sign-on creates a better user experience and reduces the need to create users manually in the LMS.

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., username and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session.

What are the requirements?

The feature integrates easily with your website with a few lines of code, making it quick and straightforward to set up Single Sign-On (SSO) for your entire website users. No need for complex identity provider setup or Security Assertion Markup Language 2.0 (SAML 2.0) integration.

How does it work?
Copy the attached SSO code and use the example PHP code in your website to register new users and allow the SSO of existing users without typing their username and password in the LMS login screen. Identity mapping is based on the email address which must be the same in both origin (your website) and target (Enterprise LMS).

How do I use it on my website?

To enable HTTP SSO in your Enterprise LMS, click on "Extensions" under 'Global Settings'.

1.png


Enable HTTP SSO extension, and save your API and Auth keys. A new user account will be created in the LMS when your website users click on the SSO hyperlink for the very first time.

2.png


Copy the following PHP library and use it on your website where you would like the users to launch the LMS link. You can also set Group IDs separated by a comma to easily add users to LMS groups.



<?php
// Define your LMS URL and user information
$lmsurl = 'YOUR_LMS_URL'; // For example, https://acme.braincert.com/ 
$email = "youremail@example.com"; // Email address of the user
$username = "YOUR_USERNAME"; // Username
$first_name = "YOUR_FIRSTNAME"; // First name of the user
$last_name = "YOUR_LASTNAME"; // Last name of the user
$group_id = "YOUR_LMS_GROUP_IDS"; // LMS group IDs separated by a comma
// Define your API credentials
$sso_api_key = "YOUR_API_KEY"; // API KEY
$sso_auth_key = "YOUR_AUTH_KEY"; // AUTH KEY
// Prepare the data to be sent in the POST request
$data = [
'sso_api_key' => $sso_api_key,
'sso_auth_key' => $sso_auth_key,
'username' => $username,
'email' => $email,
];
$data_string = json_encode($data);
// Ensure the LMS URL does not end with a slash
$lmsurl = rtrim($lmsurl, "/");
// Initialize cURL session
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $lmsurl . "/sso");
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute the cURL request and get the response
$result_json = curl_exec($ch);
if (curl_errno($ch)) {
// Handle cURL error
echo 'Curl error: ' . curl_error($ch);
curl_close($ch);
exit;
}
curl_close($ch);
// Decode the JSON response
$result = json_decode($result_json, true);
// Check the response status and handle accordingly
if ($result['status'] == 'ok') {
$token = $result['token'];
$ssourl = sprintf(
'<a href="%s/?token=%s&email=%s&username=%s&first_name=%s&last_name=%s&group_id=%s">%s</a>',
htmlspecialchars($lmsurl, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($token, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($email, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($username, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($first_name, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($last_name, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($group_id, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($email, ENT_QUOTES, 'UTF-8')
);
echo $ssourl;
} elseif ($result['status'] == 'error') {
echo htmlspecialchars($result['message'], ENT_QUOTES, 'UTF-8');
}
?>

Put the above code on a page and populate relevant parameters such as email addresses using DB queries specific to your website. The hyperlink may look like this when you mouse over:

<a href='https://mylmsdomain.braincert.com/?token=59eeaasasa42cad9&email=sso@braincert.com&username=JohnW&first_name=John&last_name=Wick&group_id=1,2,3'>

Where do I find Group ID?

You can find the ID of the group under "People" --> "Groups".

3.png
How to mail account details to new users?
Remember to enable an account notification email, so the new account details including the generated password will be emailed to the user after registration automatically.
Navigate to 'User Registration' under 'Global Settings'. Click on 'Notifications' and open 'User Notifications'. 
4.png

Benefit from HTTP SSO to suit your specific requirements.

Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
Access denied
Access denied