Faculty Search Release Notes: 2019.08.28

This release introduces improvements to our platform-wide features for Single-sign-on; 

Remove SSO ID in Faculty Search:

Institutional Administrator in Faculty Search can modify the SSO ID for a user, so they can better troubleshoot a user at their institution who is having login issues with SSO.

  • Institutional Administrator editing a User at their institution who has been provisioned with an SSO ID will see the following on the SSO Identifier tab within the Edit User modal:
    • The most recent SSO ID that is associated with the user within the SSO ID field
    • Should see a Remove SSO ID button next to the Save button for CAS OR LDAP OR Shibboleth
      • This button cannot be clicked if there is no data within the SSO ID field AND no stored record on file
      • When clicking this button, the following occurs:
        • A window  should display titled: 'Are you sure you want to remove the SSO ID'
        • Instructional Text: ‘Please note that removing an SSO ID is not recommended and may result in the user being unable to log in. Remember, you can always update a user’s SSO ID via the SSO identifier tab.’
        • User will see an 'X' on the top right of the modal
          • Clicking this does NOT remove the SSO ID record and returns them to the Edit User modal with the most recent SSO ID from ACCOUNT displayed
        • User will see a Remove SSO ID button: ‘Remove SSO ID’
          • Clicking this button removes the SSO ID from account AND returns user to the previous scree‌n AND removes the SSO ID record from the screen
        • User should see a Cancel Button
          • Clicking this does NOT remove the SSO ID record and returns admin to the Edit User modal with the most recent SSO ID displayed

Tab for user editing to update SSO ID:

Institutional Admin in Faculty Search can modify the SSO ID for a user, so they can modify the SSO ID for SSO authentication purposes at any time. FS Institutional Administrator editing a User at their institution should see the following on the SSO Identifier tab within the Edit User window: 

  • An additional menu item next to Permissions
    • Menu Item label: “SSO Identifier”
  • Sees the following fields:
    • If an institution has CAS configuration for SSO:
      • Header: “CAS”
      • Instructional text: “Please provide the CAS Identifier”
    • If an institution has LDAP configuration for SSO:
      • Header:”LDAP”
      • Instructional text: “Please provide the LDAP identifier”
    • If an institution has PLATFORM Shibboleth configuration for SSO:
      • Header:”Shibboleth”
      • Instructional text: “Please provide the Shibboleth identifier, typically EPPN, or employeeNumber”
    • If an institution has a legacy SSO type:
      • Do not display the new SSO identifier tab
  • User should see a SSO ID field (one per Client SSO Configuration):
    • Field label: “SSO ID”
    • Field type: Text
  • User sees a Save button

Enforce uniqueness per tenant for CAS and LDAP SSO IDs:

User provisioning users will receive an error when attempting to add a duplicate SSO ID, so they do not have multiple users with the same identifier.