Tortal's SSO process relies on 2 key pieces of information that can be passed as URL query string parameters or as form fields posted to a Tortal endpoint from your outside system. The 2 pieces of information are:
- GUID: an encoded authentication string provided by Tortal - always the same for all users in the client organization.
- Username: the individual user's unique username in the Tortal LMS - different for every user, can be the user's email for example, but it must be unique for every user.
A properly formatted SSO link that includes this key information looks like this:
https://<>.tortal.net/sso.asp?guid=<>&username=<> (note: this link is for example only)
These values may also be posted to a URL provided by Tortal with form field names: guid and username.
Either method authenticates the user and logs them seamlessly into the Tortal LMS.
To maintain seamless SSO, both systems in the SSO process must by synchronized on each user's unique username and other information. This requires:
- An initial data load of all users and LMS groups
- Ongoing synchronization of user information between the two systems - options for ongoing synchronization include:
- Posting to Tortal's user-synch API endpoint (recommended)
- FTP of user and group data to Tortal, which will be processed on-schedule, 4 times a day
For more information on getting set up with SSO into the Tortal LMS, please contact your Tortal Learning Strategist or email@example.com