OAuth Single Sign On (SSO) login Solution using Clever as an Identity provider by miniorange helps users to automatically sign-in to multiple apps/websites with single Clever login credentials. The Clever Single Sign-On solution can be implemented by configuring Clever as IDP in miniOrange, where miniOrange will act as SP using OAuth Protocol. Here this guide will walk you through the step-by-step process of OAuth SSO login configuration between websites/applications and Clever. Once configured successfully you will be ready to securely SSO into your websites/applications using existing Clever credentials.
|IdP Name||Custom Provider|
|IdP Display Name||Choose appropriate Name|
|OAuth Authorize Endpoint||https://clever.com/oauth/authorize||OAuth Access Token Endpoint||https://clever.com/oauth/tokens||OAuth Get User Info Endpoint (optional)||https://api.clever.com/v1.1/me|
|Client ID||From step 1|
|Client secret||From step 1|
|Scope||read:district_admins_basic, read:school_admins_basic, read:students_basic, read:teachers_basic, read:user_id|
|Service Provider Name||Choose appropriate name according to your choice|
|SP Entity ID or Issuer||Your Application Entity ID|
|ACS URL X.509 Certificate (optional)||Your Application Assertion Consumer Service URL|
|NameID Format||Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress|
|Client Name||Add appropriate Name|
|Redirect URL||Get the Redirect-URL from your OAuth Client|
|Descrption||Add if required|
|Policy Name||As per your Choice|
Note: Choose the Authorization Endpoint according to the identity source you configure.
In case you are setting up SSO with Mobile Applications where you can't create an endpoint for Redirect or Callback URL, use below URL.
Few usecases where customers configure multiple IDPs -
|For Cloud IDP -||https://login.xecurify.com/moas/discovery?customerId=<customer_id>|
|For On-Premise IDP -||https://yourdomain.com/discovery?customerId=<customer_id>|
You can see the screenshot below of the IDP Selection Page with a list of IDPs .
Note: To view the IDP in drop-down list, go to Identity Providers tab > against your configured IDP > Select >Edit , here Enable the Show IdP to Users option.
In this guide, you have successfully configured the Clever Single Sign-On (SSO) by integrating Clever as OAuth IdP Provider and miniorange as SP. Now your users will be able to securely log in to your applications/websites using their existing Clever login credentials.
We can connect with any External IDP via SAML, OAuth, CAS or User Directory via LDAP, Database Connection or APIs.
Contact us on firstname.lastname@example.org for quick guidance(via email/meeting) on your requirement and our team will help you set up SSO with your IdP in no time.