Overview
The Univerus Sport software uses an open standard called Security Assertion Markup Language (SAML) to simplify the authentication process. This allows your organization to act as the Identity Provider (IdP), so your users can seamlessly log in to the Univerus Sport system using their existing school accounts and passwords.
How Does the Implementation Process Work?
The process starts with Univerus performing an initial SSO configuration in the Univerus Sport software for your organization. Next, we provide a metadata file to your organization’s IT contact. With this metadata file, the IT contact can then configure Univerus Sport as an authorized application in your environment. Once configuration is complete on your side, the IT contact provides Univerus with a metadata file containing your organization’s SAML settings. With this file, we can finalize the configuration in Univerus Sport and test the login process.
Things to consider…
Univerus Sport uses the email provided to us by your organization. This means that you will need to arrange to send us the email address in a consistent format (e.g. jsmith@school.com) to reduce confusion. During the configuration process by your organization’s IT contact, you will need to decide which attributes you send after sign-on. At a minimum, Univerus Sport will need: First name, Last name and Email address. If possible, Student ID is a great field to also include. Data points like Academic Records are typically better addressed by using an Academic file exchange implementation over SFTP between systems.
Important Consideration
Please take the following into consideration when determining if your organization would like to proceed with SSO integration:
Enabling Single Sign-On (SSO) for your entire application means that all users (Administrators, Athletes and Coaches) will be required to log in using their SSO credentials. This eliminates the ability for guest users to access the application. SSO streamlines the authentication process by allowing users to use their existing credentials from an identity provider (IdP) to access multiple applications.
What this means: An administrator, athlete or coach with an outside e-mail address will not be able to access the system.
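As an added example (not Univerus code), an IT contact could run a pre-flight check like the one below on a test assertion from the IdP before handing over metadata. It covers both the minimum attributes listed under "Things to consider" and the outside e-mail address case described above. The attribute names (firstName, lastName, email), the function names and the sample assertion are assumptions constructed for illustration; the names Univerus Sport actually expects must be confirmed with Univerus.

```python
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Assumed attribute names (hypothetical); the page lists only the labels.
REQUIRED = {"firstName": "First name", "lastName": "Last name", "email": "Email address"}
EMAIL_RE = re.compile(r"[^@\s]+@([^@\s]+\.[^@\s]+)")

# Constructed sample assertion fragment, not captured from a real IdP.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:AttributeStatement>
  <saml:Attribute Name="firstName"><saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="lastName"><saml:AttributeValue>Smith</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="email"><saml:AttributeValue>jsmith@school.com</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>"""


def read_attributes(xml_text):
    """Return {attribute name: [non-empty values]} from an assertion.

    This only inspects content. It does not verify the XML signature,
    so use it on your own IdP's test output, never as a login check.
    """
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text.strip() for v in attr.findall("saml:AttributeValue", NS)
                  if v.text and v.text.strip()]
        if values:
            attrs[attr.get("Name")] = values
    return attrs


def check_assertion(xml_text, org_domain):
    """List problems that would block or confuse sign-on for this user."""
    attrs = read_attributes(xml_text)
    problems = [f"missing required attribute: {label} ({name})"
                for name, label in REQUIRED.items() if name not in attrs]
    for email in attrs.get("email", []):
        match = EMAIL_RE.fullmatch(email)
        if not match:
            problems.append(f"malformed email: {email}")
        elif match.group(1).lower() != org_domain.lower():
            # Outside address: this user cannot sign in once SSO is enforced.
            problems.append(f"email outside {org_domain}: {email}")
    return problems


if __name__ == "__main__":
    print(check_assertion(SAMPLE, "school.com") or "assertion looks complete")
```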