Single Sign-On (SSO) FAQ

Find answers to common questions about Single Sign-On access and authentication.

Tags

SSO & Auto-Rostering SSO & Manual-Rostering PreK-12 Customer Support School Administrator User Guides & Account Management

This article applies to districts that use the SSO and Auto-Rostering Access Service and Single Sign-On (SSO) and Manual Rostering Access Service.��

SSO applies to districts that use an SSO portal, district website, or Learning Management System (LMS) to access ��Vlog digital programs, and Direct Login means that teachers, students, and administrators log in at my.mheducation.com. Auto-Rostering means that account creation, class setup, and roster management are automated through a process handled by your district.

Not sure which Access Service your district uses? Click��here��to learn more about the four Access Services that we support.

Introduction

Single Sign-On (SSO) is an authentication process that allows a user to access multiple applications with one set of login credentials. This guide provides answers to common questions that are asked about SSO.

��

Q: Why do I need SSO?

A: SSO streamlines access to ��Vlog platforms. When SSO is set up, teachers and students no longer navigate to my.mheducation.com and enter log-in credentials. Instead, they access ��Vlog platforms directly from the district’s LMS (Learning Management System) or SSO portal for a seamless experience. SSO is required to support bulk rostering using the IMS Global Learning Consortium® OneRoster® specification.

��

Q: Does SSO provide direct access to specific ��Vlog products?

A: SSO simply launches teachers and students from the district’s LMS or SSO portal to ��Vlog platforms. SSO does not automatically license content to users. A separate bulk rostering integration is required for this step. SSO does not allow you to embed specific content assets, such as ebooks, directly into your LMS. The user accesses ��Vlog platforms via SSO and then navigates to the ��Vlog digital content licensed to them.

��

Q: What SSO protocols does ��Vlog support?

A: We currently support LTI® 1.0, 1.1 and 1.2 and SAML 2.0 IdP-initiated protocols. Examples of SSO launch points that we support include LMS vendors, such as Canvas and Schoology®, SSO portals, such as ClassLink and IDAutomation®, and other solutions, such as Microsoft® Azure™, Google, and many others.
��
LTI® - Learning Tools Interoperability
IdP - Identity provider
SAML -�� Security Assertion Markup Language

��

Q: Who can I contact with questions about setting up SSO?

A: To discuss a new SSO for your district, click .

Q: Who can I contact with questions about my current SSO integration?

A: For assistance with your existing SSO integration, contact Digital Integration Support at��1-855-315-6417 or email IntegrationSupport@mheducation.com.

��

Q: What information is passed to ��Vlog in the SSO?

A: LTI® and SAML have different formats and pass unique metadata in the process. The common data points that we require in all SSO configurations are:

First Name
Last Name
Unique Identifier, such as a teacher’s employee ID number or a student ID number

Depending on the SSO configuration used, additional data points, such as role and email address, may also be passed to us.
��
��

Q: Our district SSO has been working fine, but several users now report that the digital textbook no longer displays the progress they have made in the book. What happened?

A: The most common cause of lost progress is a change in the unique identifier sent in the SSO. When this happens, the new identifier prompts us to generate a new account, so the user essentially starts over. To correct this, contact Digital Integration Support at 1-855-315-6417 or email IntegrationSupport@mheducation.com.

Q: What do I do when teachers report seeing an error message when they attempt to log in to ��Vlog platforms via SSO?

A: The first step is to check the teacher’s profile information in the LMS or SSO portal and verify that all required fields are populated. If any required field is blank or missing, the teacher may not be able to access ��Vlog platforms.��For more trouble-shooting steps, click here.

��

Q: Our district SAML SSO has been working but all of a sudden no one is able to access ��Vlog platforms via SSO. What happened?

A: SAML relies on certificate exchanges to verify SSO logins. These certificates typically expire and need to be updated annually. For help with SAML certificates, contact Digital Integration Support at 1-855-315-6417 or email IntegrationSupport@mheducation.com and provide them with your metadata URL. If you do not have your district's metadata URL, the tech support team can walk you through your next steps.
��

"SAML" and "Security Assertion Markup Language" are trademarks of��OASIS, the open standards consortium where the SAML specification is��owned and developed. SAML is a copyrighted © work of OASIS Open. All rights reserved.

OneRoster®��and LTI® are trademarks of the IMS Global Learning Consortium, Inc. (www.imsglobal.org)

��Vlog

Learning Levels

Select Region

North America

Latin America

Europe, Middle East & Africa

Asia Pacific

Search