Cirrus Identity helped the University of Oregon implement social login and single sign-on solutions.
The integrated cloud hosted solutions allow Oregon to control access to AcademicWorks and other future systems. The Cirrus social login Gateway allows Oregon to defer provisioning enterprise accounts for applicants until they have fully committed to attending the University. This allows applicants to use social accounts they already have while also reducing operating costs. It's a win-win!
Cirrus Account Linking helps Oregon link an applicant's claimed social provider account with their "bannerid". Oregon can choose and modify the social provider offerings for their applicants for each admissions cycle.
Cirrus Identity only maintains the linkage between the social provider and the Oregon bannerid provided with the request. This linked bannerid, along with attributes returned from the social provider, is asserted using the SAML protocol to enable applicants to access services such as AcademicWorks.
The Process is Simple!
1. The solution starts when the applicants receive a unique “bannerid”.
2. Each night, Oregon generates and sends a CSV file of new applicants, which includes the bannerid and user’s email address, to the Cirrus APIs.
3. Cirrus APIs parse the CSV file and then emails with configurable messages are sent to the applicants. The email contains a URL to an account claim page where the applicant chooses a social provider. Oregon chose to send the emails using their mail infrastructure.
4. When the applicant clicks on the URL in the email, they are taken to the start of the claim process: a) The applicant must first accept the terms and conditions. b) Then choose one of the social login providers allowed by the University of Oregon.
5. Each social provider login experience is different, but they generally follow these steps: a) Applicant enters username and password. b) Most social providers then ask permission to release attributes.
6. The applicant then receives confirmation within the user interface and in a confirmation email.
7. After the one-time account linking is complete, the applicant can login to AcademicWorks with their social login!