SSO can be the primary login method for a subenvironment. This means that the default login screen will not be visible and users will be redirected to your external system to log in. This is the SSO login URL. A subenvironment can also have an SSO logout URL. This can refer to a page in your external system. Without this logout URL, the learner would end up on the homepage of the aNewSpring environment.

An administrator that also has the tenant role can request our support team to set up the subenvironment as desired by sending an email to support@anewspring.com.

We would like to know:

  • For which subenvironment should we set this up?
  • What is the URL of the external login page?
  • Do you want to use a custom link? (see below)
  • If users log out, should they be redirect to a specific URL? If yes, what is the URL?

Redirecting links in email notifications

aNewSpring can send email notifications to learners and these can contain links to specific pages in aNewSpring, like a new MemoTraining, a (discussion) message or another page in a specific course. After clicking the link, the learner needs to log in in the external system and will then expect to see the right page in aNewSpring without having to navigate to it manually.

There are two ways to do this:

Without a custom link

The link in the email notification is the same as without SSO and will refer to the aNewSpring subenvironment. aNewSpring stores the URL that the user wants to open and then redirects to the login page of the external system. We can add an extra parameter to the login link, so the external system can recognise that SSO needs to happen directly after logging in.

You will need to provide us with the login URL.

After the user logs in, the external system needs to start the SSO procedure and redirect the user back to aNewSpring (without the course, activity or redirect parameter).

aNewSpring then recognises the user and will automatically open the page that the original link in the email referred to.

Example of MemoTraining email:

The link in the email refers to:
https://demo.anewspring.com/do?action=player&id=123&type=Training&courseId=789

The learning environment will remember this URL and then forward the learner to this link:
https://
example.com/login?redirect=true

The learner logs in and the external ID of this user is ABC.

The external system at example.com then requests a login token at:
https://demo.anewspring.com/api/getLoginToken/ABC

The external system then performs SSO:
https://demo.anewspring.com/do?action=sso&user=ABC&token=24345226-ec3a-4d90-a5d0-aa99c80ec491

SSO is successful and the browser of the learner will load this URL:
https://demo.anewspring.com/do?action=player&id=123&type=Training&courseId=789

With a custom link

In this case, the email notification will contain a custom link that refers to the login page of your external system. We can add a parameter with a redirect URL to this link.

You will need to provide us with the login URL.

After the user logs in, the external system needs to start the SSO procedure and redirect the user to aNewSpring (with the redirect parameter).

aNewSpring will then open the URL in the redirect parameter.

Example of MemoTraining email:

The link in the email refers to:
https://example.com/login?redirect=https%3A%2F%2Fdemo.anewspring.com%2Fdo%3Faction%3Dplayer%26id%3D123%26type%3DTraining%26courseId%3D789

The learner logs in and the external ID of this user is ABC. The external system stores the redirect URL.

The external system at example.com then requests a login token at:
https://demo.anewspring.com/api/getLoginToken/ABC

The external system then performs SSO and includes the redirect URL:
https://demo.anewspring.com/do?action=sso&user=ABC&token=24345226-ec3a-4d90-a5d0-aa99c80ec491&redirect=https%3A%2F%2Fdemo.anewspring.com%2Fdo%3Faction%3Dplayer%26id%3D123%26type%3DTraining%26courseId%3D789

SSO is successful and the browser of the learner will load this URL:
https://demo.anewspring.com/do?action=player&id=123&type=Training&courseId=789