Simplify login by directing BBID/SSO users to a separate page for authentication

Some of our constituents (e.g. candidates, parents) sign in with a username and password, and others (faculty, students) use BBID/SSO and authenticate to an external server. The language on the login page directs users to enter username OR email address. This is confusing because faculty and students (SSO users) can ONLY use their full email address or else they do not get redirected to our authentication server.

  • Thomas O'Connor
  • Sep 23 2020
  • Already exists
  • Attach files
  • Janet Wittenberg commented
    25 Sep, 2020 12:12pm

    Good news -

    There are already several options to handle this scenario, under Core > Security > Authentication settings.

    The Domain Settings allow you to specify a different login URL for your SSO users and give it a label they will see right on the login page (Login page SSO label). This pattern covers any time users end up back on this page, from Sign out or possibly from session timeout. However, you can always construct your own 'front door' from your website or a bookmark that goes directly to the Blackbaud ID sign in page with a redirect to such as{yourschoolhere}

    Chances are you would prefer the format that sends them right to your identity provider login and skip the BBID page altogether such as{yourssoconnectionname}&redirectURL=https://{yourschoolhere}

    This is typically what you would put in the Domain Settings for Login SSO URL.

    If you are the site administrator, you can find your SSO connection name from under Admin > Authentication > Authentication Settings where it was configured.

    Additionally, the first tab of Core > Security > Authentication, Authentication Rules has a place where you can customize the text 'Username or email address' to something else if that is useful to you.