Help: LTI SSO
A single sign-on
If you want your participants to log in from an external site, you can implement a LTI Single Sign-On (SSO). It has been developed with LTI standards and with a bit of work on your side, you can build your very own single sign-on so that your users can log in from your system without needing additional login credentials on LearningStone.
The external site is called the “Tool consumer”, while LearningStone is the “Tool provider”
Once someone logins through the external login, they cannot login in any other way without creating a new account. Trainers, coaches and managers can always login into LearningStone.
If the participant does try to login directly at LearningStone, they will be redirected to your external site to login and if they want to change their name or e-mail, they will also be led back to the external site as well so that you keep everything together.
Setting up your SSO
Go to the LTI settings in the workspace settings.
Here you will find the keys your need to set up the SSO.
Once you have done this and the SSO is up and running, you will need to:
- create a groupspace (the actual training or other learning track)
- enable LTI in the groupspace settings
- copy the LTI link and paste it in the product-fields in your site.
The members will also be synchronized:
- periodically once every 24 hours)
- when they log in
- when you click the sync button in the LTI workspace settings.
It’s that simple!
You never need to add a member in LearningStone (except trainers and coaches).
Members are added automatically if they are signed up for a product on the external service.
You can force the synchronization in the LTI workspace settings.
What happens when a user gets removed?
The external site is leading, so it’s best to not remove members in LearningStone. If you do, you will delete all the progress data and the user will be replaced at the next synchronization.
There are a few scenarios to consider:
Your external site has ended the access: as soon as the groupspace is synchronized, the member will be moved to “archived members” and a note will be added to the member log (you can find this by clicking on the profile picture in Organize members). The user will not be able to access the groupspace anymore but no progress data will be lost. If you then delete the user, all data will be deleted but there’s usually no need to do this.
You move the member to archived members manually: if the member still has access to the groupspace according to the external site, the member will be moved back to the members. No data will be lost. The same happens if you move the member to the removed members, without emptying it.
You deleted the member: if the member still has access to the groupspace according to the external site, the member will be added again but all progress data will be lost.
You moved a member from archived members to removed members: If a member has been archived as a LTI login period has ended and you then move this person to removed members to delete, we assume you want to really delete the member and this will not be reversed.
Troubleshooting LTI launching
If the connection doesn’t work.
- Check if the groupspace is active (not in the archive)
- Check if the correct LTI-link has been used in the external site (including https://...) and the LTI-launch has been enabled in the groupspace settings.
- Check if the product on the external site is active (check if has been published and check the end date).