tbaker-esristaff

Using Single Sign-On in Schools for User Management in ArcGIS Online

Discussion created by tbaker-esristaff Employee on Sep 3, 2018
Latest reply on Sep 13, 2018 by tbaker-esristaff

Large-scale student management in an ArcGIS Online organization subscription can be challenging. The Esri Schools Team recommends becoming familiar with best practices as outlined in this PDF.

 

Single sign-on (SSO) can reduce the liabilities of teachers managing student accounts and allow teachers to focus on teaching with GIS. Moreover, SSO gives everyone in the school or district access to the software (see article)!

 

When planning for ArcGIS Online via SSO, school districts should gather the following people: district SIS administrator, district IdP administrator, edtech coordinator, and interested curriculum coordinators.

 

Google G Suite Single Sign-On 

 One solution to working through this barrier is the use of enterprise logins (SSO) systems already available in education, like Google’s G Suite.

 

Microsoft Active Directory and others

Review the six other SAML-based IdPs that Esri supports, including ADFS 2.0+.  

 

Clever.com

Currently, Esri does not support Clever.com connections "out of the box".  We are exploring options that would allow districts to use the "Saved Passwords" mechanism in Clever to create an SSO experience.

 

RapidIdentity

RapidIdentity supports SAML. Follow this guide to learn more about configuring your SSO connection to ArcGIS Online. 

 

The SSO landscape in schools today

At the time of this document's last update, we know of U.S. schools using the following SSO IdPs with ArcGIS Online: Google G Suite, Microsoft Active Directory, and RapidIdentity.

 

Beyond SSO

Scripting and tools like the Geo Jobe Admin Tools can be powerful additions to toolkits of administrators managing large ArcGIS Online organizations.  See:

Outcomes