University of Oregon
Applicant Access to Financial Aid Services
Single Sign-OnDescription Goes Here
Social LoginsDescription Goes Here
The University of Oregon enabled Cirrus social login solutions for applicants to access to Academic Works financial aid and scholarship services.
The Office of Student Financial Aid and Scholarships for the University of Oregon determined a solution was needed to improve access for incoming students to scholarship information. Oregon uses the AcademicWorks solution to manage scholarship information for all students and Banner as the student information system.
Existing Oregon students use an enterprise grade credential call a “DuckID” to access university applications including AcademicWorks.
The challenge was providing access to AcademicWorks for applicants without needlessly creating the DuckID. At the same time, the access needed to be secure and linked to the student information contained in Banner.
In addition, Oregon wanted easy-to-use access that didn’t require a bunch of Service Desk support calls!
Streamline access to AcademicWorks. Allow applicants to use social login and students, faculty and staff to use thier DuckID. Save on support!
Only create enterprise DuckIDs for students that are confirmed to attend the University of Oregon saving developer time and maintenance.
How Cirrus Helped
Cirrus Identity helped the University of Oregon implement social login and single sign-on solutions.
The integrated cloud hosted solutions allow Oregon to control access to AcademicWorks and other future systems. The Cirrus social login Gateway allows Oregon to defer provisioning enterprise accounts for applicants until they have fully committed to attending the University. This allows applicants to use social accounts they already have while also reducing operating costs. It's a win-win!
Cirrus Account Linking helps Oregon link an applicant's claimed social provider account with their "bannerid". Oregon can choose and modify the social provider offerings for their applicants for each admissions cycle.
Cirrus Identity only maintains the linkage between the social provider and the Oregon bannerid provided with the request. This linked bannerid, along with attributes returned from the social provider, is asserted using the SAML protocol to enable applicants to access services such as AcademicWorks.
The Process is Simple!
1. The solution starts when the applicants receive a unique “bannerid”.
2. Each night, Oregon generates and sends a CSV file of new applicants, which includes the bannerid and user’s email address, to the Cirrus APIs.
3. Cirrus APIs parse the CSV file and then emails with configurable messages are sent to the applicants. The email contains a URL to an account claim page where the applicant chooses a social provider. Oregon chose to send the emails using their mail infrastructure.
4. When the applicant clicks on the URL in the email, they are taken to the start of the claim process: a) The applicant must first accept the terms and conditions. b) Then choose one of the social login providers allowed by the University of Oregon.
5. Each social provider login experience is different, but they generally follow these steps: a) Applicant enters username and password. b) Most social providers then ask permission to release attributes.
6. The applicant then receives confirmation within the user interface and in a confirmation email.
7. After the one-time account linking is complete, the applicant can login to AcademicWorks with their social login!
University of Oregon Applicant Login Process
Intuitive User Experience - Applicants at the University of Oregon can use the social accounts they already have and know. There's only one login screen to AcademicWorks for applicants and students.
Reduced Support - Service Desk for forgotten passwords is eliminated. The IAM team only needs to create and maintain DuckIDs for confirmed students.
Cirrus Products Used
Easy integration of social login to your enterprise web SSO environment.
Account Linking & ID Verify Add-On
Link external identities from social login or our external identity provider to your organization identifiers.
Identity Provider Proxy
A single identity provider endpoint that supports sophisticated attribute capabilities, federation with multiple identity providers, and protocol translation.