Community area‎ > ‎

How to connect a service to the IDP

The information below is for IDP providers.

For all services a certain amount of information is needed to be consistent in the school directory.
Firstname, Lastname, Email address, NSN + SMS ID numbers for students.
It is also suggested to keep staff and student accounts in separate OU's in the directory.

Where fields are required in the school directory, if you have used the UDI tool to create and update your accounts, this information will already be loaded.

If you are current users of any of the services then mappings between current service users and directory users will need to take place. This will use directory fields to work out who is who.

If you are new to a service, then once the connection between the IdP and the service provider is made, very little work is needed.

Depending on your IdP provider, some or all of the work below will get taken care of as part of the setup of the IdP. They will advise any work you need to do to get connected to each service.

MyPortfolio
Contact an IdP provider, they will take care of the connection details between the IdP and MyPortfolio servers.

If a new school wants signed up to MyPortfolio:
You will need to register the school (http://myportfolio.school.nz/registration.php)
When the IdP provider has done the required work, users can optionally get automatically created on MyPortfolio upon their first login.

If your school currently uses MyPortfolio:
In this scenario, auto creation of users can’t be enabled - unless only a few users already exist, the MyPortfolio admins can rename the existing accounts to match directory usernames.
Otherwise, user accounts will need to have their school username updated into the 'Username for External Authentication' field.


Google Apps
Contact an IdP provider, they will take care of the connection details between the IdP and Google Apps.
You will need to ensure the email field is up to date in the school directory.
Access to add the SSO bits to the Google Apps Control Panel will be required. Once SSO is enabled, this will be the only login method to Google Apps.
If using the Google Outlook Sync tool, this can use SSO to connect Outlook with Google also..

KnowledgeNET
Ideally your KnowledgeNET site should be already connected to your SMS via WebSYNC. Any required fields will already be loaded at the KN end.
To connect directory users, the NSN number is used to map students to the right KN student login.

Moodle
Work will need to be done on the Moodle server. Your IdP provider can assist with the requirements for this.
If you have a shared Moodle for your cluster, this can also be linked with SSO.

Access-IT
Some work is needed to get this running from the Access-IT team. Please contact Martin at Access-IT to work through the changes required.
Access-IT will work with your IdP provider to make the link.

Spike@School
Users at the Spike end will need to be renamed any users to match school directory usernames
Then contact your IdP provider to make the link.

eTV
You will need to be a paid subscriber of eTV to make use of Single-Sign-On.
If your IdP provider is already linked in then most of the work is already done. They can liaise with e-TV on your behalf.