Course authorization gives learners permission to access a learning product. For SSO configurations, the BenchPrep system expects course authorization to be controlled by one of the options below regardless of the protocol being used.
Option 1: Pre-Defined Course List
Learner Experience
All learners accessing the platform via SSO will be enrolled in the same list of courses (determined by the customer). Learners will be able to access all courses in the list upon successful login. This authorizer is additive only. Removing course slugs from the preconfigured list will not remove enrollments from a User, even those created via Plans/Contracts.
Configuration/Management
The course list is stored independently of the SSO login and no authorization information will be read from the SSO payload. The list of course slugs should be provided to BenchPrep prior to implementing the SSO. The course list is configurable by contacting Support after the initial implementation is complete.
Example data required for configuration:
Considerations
Pros | Cons |
|
|
Using a Pre-Defined Course List is recommended for customers who don’t update their course offerings frequently AND require all learners to have access to the same set of courses.
Option 2: Course Slugs in Login Payload
Learner Experience
Learners accessing the platform via SSO will be enrolled in courses based on the course slugs provided in the SSO payload. Learners will only be able to access the courses they are enrolled in. If a course slug was sent in one login payload and then removed in a subsequent login payload, the enrollment to that course would be deactivated and the user would not be able to access it.
Configuration/Management
Course slugs are included and passed through with the SSO data package/payload upon login. Course slugs can be managed independently by customers and are configurable from BenchPrep’s content management system, Blueprint. The slugs in the payload must match the slugs configured in Blueprint. Removing course slugs from the payload will deactivate those enrollments from a learner. Technical specifications for this method can be found in the configuration guides for OIDC and SAML.
Optional: This method supports the optional passing of expiration date data for each course slug in the SSO payload. If expiration data is included, the BenchPrep system will display the expiration date in applicable BenchPrep learner interfaces for each course slug that has an expiration date. If an expiration date is provided, it will also control authorization expiration. For example:
- Upon login, the user will be granted access to courses with an expiration date that is NOT in the past.
- If the expiration date passes before the user next logs in, the BenchPrep system will deactivate the enrollment on the expiration date.
Considerations
Pros | Cons |
|
|
Using course slugs is recommended for customers who plan to release new learning products frequently and/or require that learners have access to different courses.
Please Note: Regardless of the option chosen, course authorization via SSO is the sole enrollment method for an SSO learner and will override any existing enrollment specifications defined by users' Plans/Contracts.