How to Sign-in/Register Users from your Website Using HTTP Single Sign-On (SSO)
Enable your website users to register or log in once and effortlessly navigate across BrainCert's Enterprise LMS without needing to log in again. Single sign-on creates a better user experience and reduces the need to create users manually in the LMS.
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., username and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session.
What are the requirements?
The feature integrates easily with your website with a few lines of code, making it quick and straightforward to set up Single Sign-On (SSO) for your entire website users. No need for complex identity provider setup or Security Assertion Markup Language 2.0 (SAML 2.0) integration.
How does it work?
How do I use it on my website?
To enable HTTP SSO in your Enterprise LMS, click on "Extensions" under 'Global Settings'.
Enable HTTP SSO extension, and save your API and Auth keys. A new user account will be created in the LMS when your website users click on the SSO hyperlink for the very first time.
Copy the following PHP library and use it on your website where you would like the users to launch the LMS link. You can also set Group IDs separated by a comma to easily add users to LMS groups.
<?php// Define your LMS URL and user information
$lmsurl = 'YOUR_LMS_URL'; // For example, https://acme.braincert.com/
$email = "youremail@example.com"; // Email address of the user
$username = "YOUR_USERNAME"; // Username
$first_name = "YOUR_FIRSTNAME"; // First name of the user
$last_name = "YOUR_LASTNAME"; // Last name of the user
$group_id = "YOUR_LMS_GROUP_IDS"; // LMS group IDs separated by a comma
// Define your API credentials
$sso_api_key = "YOUR_API_KEY"; // API KEY
$sso_auth_key = "YOUR_AUTH_KEY"; // AUTH KEY
// Prepare the data to be sent in the POST request
$data = [
'sso_api_key' => $sso_api_key,
'sso_auth_key' => $sso_auth_key,
'username' => $username,
'email' => $email,
];
$data_string = json_encode($data);
// Ensure the LMS URL does not end with a slash
$lmsurl = rtrim($lmsurl, "/");
// Initialize cURL session
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $lmsurl . "/sso");
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute the cURL request and get the response
$result_json = curl_exec($ch);
if (curl_errno($ch)) {
// Handle cURL error
echo 'Curl error: ' . curl_error($ch);
curl_close($ch);
exit;
}
curl_close($ch);
// Decode the JSON response
$result = json_decode($result_json, true);
// Check the response status and handle accordingly
if ($result['status'] == 'ok') {
$token = $result['token'];
$ssourl = sprintf(
'<a href="%s/?token=%s&email=%s&username=%s&first_name=%s&last_name=%s&group_id=%s">%s</a>',
htmlspecialchars($lmsurl, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($token, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($email, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($username, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($first_name, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($last_name, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($group_id, ENT_QUOTES, 'UTF-8'),
htmlspecialchars($email, ENT_QUOTES, 'UTF-8')
);
echo $ssourl;
} elseif ($result['status'] == 'error') {
echo htmlspecialchars($result['message'], ENT_QUOTES, 'UTF-8');
}
?>
Put the above code on a page and populate relevant parameters such as email addresses using DB queries specific to your website. The hyperlink may look like this when you mouse over:
<a href='https://mylmsdomain.braincert.com/?token=59eeaasasa42cad9&email=sso@braincert.com&username=JohnW&first_name=John&last_name=Wick&group_id=1,2,3'>
Where do I find Group ID?
You can find the ID of the group under "People" --> "Groups".

How to mail account details to new users?
Benefit from HTTP SSO to suit your specific requirements.