SSO Overview
Single Sign-On (SSO) is an authentication method that enables learners to securely authenticate and access the BenchPrep platform using a single set of credentials. Meaning, the learner does not need to manage a separate set of login credentials to access the BenchPrep platform. If you’ve ever selected a “Sign in with Facebook” or “Sign in with Google” button on a website instead of creating a new account, you’ve used a form of SSO to access online content.
When a learner signs in using SSO, an authentication token is created and stored in our backend, allowing them to access BenchPrep using that token to confirm their identity with the SSO service. Additionally, when a learner signs in using SSO, course authorization data can be passed to BenchPrep which informs our system which learning product(s) ( also referred to as courses) to enroll the user in.
Authentication and authorization happen each time a learner attempts to sign in. As such, the data in BenchPrep’s system is reflective of the learner's most recent login only. The identity provider is viewed as the single source of truth.
The BenchPrep system currently supports one SSO configuration per customer for B2C learners.
Key Terms
Identity provider | is a trusted provider that enables a learner to use SSO to access other websites |
Service provider | is a website (in this case BenchPrep) that hosts apps and accepts authentication via SSO |
Authentication | Confirms that learners are who they are |
Authorization | Gives those learners permission to access learning products |
Supported Protocols
BenchPrep supports two industry-standard SSO protocols: OpenID Connect (OIDC) and Security Assertion Markup Language 2.0 (SAML 2.0).
Considerations
Single Sign-On can offer your learners a seamless and more enjoyable experience. To help decide if SSO is right for your organization, consider the following:
- Configuring an SSO requires technical expertise and a system in your tech stack that can act as the identity provider
- Configuring an SSO requires planning and coordination with BenchPrep’s technical team. It can take 4-12 weeks to plan, implement, test, and release.
- BenchPrep supports SSO for B2C learner access only
- The identity provider acts as the source of truth for authentication and authorization (IE - if the learner should have access to BenchPrep and what they have access to). Because of this, user and enrollment management is limited within the BenchPrep system for SSO learners.
- Native BenchPrep mobile applications only support the OIDC protocol
Configuration Process
If you are interested in configuring single sign-on, contact Support to initiate the process. It can take 4-12 weeks to plan, implement, test, and release. In the meantime, review and/or share our SSO documentation with your technical resource(s).