1. Home
  2. Apps & Integrations
  3. Access via SSO and personal account (Single Sign-On)
Searching...

Access via SSO and personal account (Single Sign-On)

Contents

What does SSO access mode and personal account mean?

Single Sign-On (SSO) and personal account is an authentication option that offers the best experience for clients compatible with Academic, Government or Corporate accounts:

    • Users can access vLex from any device, anywhere with no IP restrictions and without the need to remember an additional username or password.
  • Each user benefits from a private vLex account (personal corporate account) and can use all personalized features such as creating alerts and notes; following SmartTopics, documents and resources; customizing news; and creating personal folders or reviewing search history.
  • As Account Administrator you have access to complete statistics, including the number of users using vLex and the frequency of their individual use.
SSO without personal account

vLex also supports SSO access without a personal account (general account) but this way, you lose the ability to use custom features.

vLex provides several SSO implementations:

  • vLex SSO protocol
  • Shiboleth
  • SAML
  • LTI

How does SSO work?

When the user enters vLex via SSO, vLex first checks that the user is correctly authenticated and then:

  • if there is an account in vLex with that email address, the user will log in to that account.
  • If there is no user with that e-mail address, a new personal corporate account will be created and the users will log in to that new account.

vLex SSO protocol

The vLex SSO Protocol is the simplest way to offer a Single Sign-On experience. Your technology team will install a code page into your private area, and users who go to that page will be redirected to vLex and automatically be authenticated.

How to activate the SSO integration?

What should you do?

You need to create a page on your private server that verifies that a user is correctly logged in and, if so, do a HTTP redirect to the authenticated link.

How do you create the link?

vLex provides a sample code so that you do not need to program it. The code is available in several programming languages (C, Phyton, Ruby, PHP, ASP, ASP.NET) and is available in the public project https://github.com/vlex/remote_auth and licensed for public domains.

Once our IT team has completed this we will give you access to the following information:

  • “Authentication Token.” This is a secret code between vLex and your organization that must be copied into the SSO code and which must be included in your website. It is important to not give any third-party access to this information. If you regenerate this code, you must also update the code on your website.
  • “Account ID.” Your vLex account ID. You should copy this number into the SSO code of your website.

Now your IT team needs to copy the SSO code on your web page.

SSO Code page

What should you do?

You need to create a page on your private service that verifies that a user is correctly logged in and, if so, do a HTTP redirect to the authenticated link.

How do you create the link?

vLex provides a sample code so that you do not need to program it. The code is available in several programming languages (C, Phyton, Ruby, PHP, ASP, ASP.NET) and is available in the public project https://github.com/vlex/remote_auth and licensed for public domain.

However, if you would like to program it yourself, the instructions are as follows:

– The URL link should be http://vlex.com/session/remote_auth
– The link should have the following GET parameters

  • name: the user’s name, for example: John Smith
  • email: the user’s email
  • timestamp: the time that the link is generated, represented as seconds from the Epoch, for example: 1049896564
  • account_id: your account id, this data appears when activating account integration
  • hash: the value that is used to validate the rest of the fields, it is computed as: hexdigest(MD5(name+email+account_id+token+timestamp))

The hash must be encrypted with the parameters indicated above, which will never be the same as it includes the timestamp. The + symbol represents a concatenation of sets of strings.

Keep in mind that when computing the hash, the order of the fields is relevant.

Token is the secret data shared between you and vLex. This information will also be provided to you at the beginning of this integration process.

Shiboleth, SAMAL and LTIShiboleth, SAML y LTI

These modalities are in private beta version. Send an email to support_academic@vlex.com to request access.

Specialized Support

For any questions, please contact our academic accounts support team at support_academic@vlex.com.

Function Available for Large Accounts

This function is available for Academic, Government and Corporate accounts. It is not available for Open or Professional accounts.

View all Apps & Integrations

This post is also available in: Español

Updated on February 12, 2020

Was this article helpful?

Yes No

Related Articles