SSO integrations overview
Learn how SchoolDay Single Sign-On works using SAML authentication to connect identity providers and applications
SchoolDay SSO lets users sign in once through your district's identity provider (IdP) and access all connected applications automatically. No separate credentials are needed per app.
SchoolDay uses SAML (Security Assertion Markup Language) to verify identity and pass access securely between your IdP and each application.
What is SSO integration?
SSO integration establishes a trust relationship between three entities:
- Identity Provider (IdP): Your district's authentication system (Google, Azure AD, ADFS, or Active Directory). It maintains the user directory and authenticates users.
- SchoolDay: The service provider that facilitates communication between your IdP and applications.
- SSO applications: Third-party tools that SchoolDay connects to your IdP.
This trust is established through an exchange of SAML (Security Assertion Markup Language) metadata and digital certificates. The metadata tells each system how to communicate securely with the others.
How SSO authentication works
SchoolDay Single SSO authenticates users once through your district's identity provider, then grants them automatic access to connected applications without entering additional credentials.
The authentication flow:
-3.png?width=500&height=338&name=unnamed%20(1)-3.png)
- User signs in to SchoolDay through your district's IdP (Google, Azure AD, ADFS, or Active Directory).
- SchoolDay verifies the user's identity with the IdP.
- SchoolDay creates a session token for the authenticated user.
- User clicks an app icon in the SchoolDay Portal.
- SchoolDay sends the session token to the app.
- The app logs the user in automatically (no additional login prompt appears).
Set up SSO in SchoolDay
|
Step |
Task |
Article |
|---|---|---|
|
1 |
Decide how you'll use SSO |
|
|
2 |
Activate an app and assign it to schools and users |
|
|
3 |
Adjust who has access |
|
|
4 |
Confirm authentication works before rollout |
|
|
5 (optional) |
Create direct-access links for your LMS or staff |
|
|
6 |
Fix issues |
Next steps
- Add an SSO application
- Change SSO application assignments
- Test an SSO application