SSO (Single Sign-On)

What is Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that enables users to access multiple applications and websites using a single set of credentials. 

For JoVE subscribers, SSO allows institutions and companies to access their subscribed JoVE content by using their existing institutional login credentials, avoiding the creation of a separate JoVE account.

Information Required by JoVE to Set Up SSO for Your Institution:

To configure Single Sign-On (SSO) for your institution, JoVE requires the following information:

  1. Entity ID: The unique identifier of your institution or organization provided by your SSO service provider.
  2. Institution Domain: The URL or domain name used by your institution or organization. (Optional)
  3. SSO Federation*: The type of SSO federation your institution or organization utilizes (e.g., OpenAthens).
  4. JIT Provisioning Requirement: Please specify if Just-In-Time (JIT) provisioning is required: (Yes/No). Refer to the "JIT (Just-In-Time) Provisioning" section below for more details.

Supported SSO Services at JoVE

JoVE supports the following SSO federations:

  1. InCommon
  2. UK Federation
  3. OpenAthens
  4. CARSI
  5. eduGAIN
  6. CSTNet Cloud Federation
  7. SWAMID
  8. KAFE
  9. GakuNin

*Alternative for Non-Federated Institutions

If your institution is not part of one of the listed federations (for example, using services like Azure, Okta, or Ping), you can provide an XML integration file instead. The information required for XML integration can be found at: https://app.jove.com/Shibboleth.sso/Metadata

Additional Notes on SSO Support

  • JoVE supports SSO via SAML.
  • Support for Apereo CAS, Tennet and Entra is uncertain as JoVE has not previously integrated with these systems.

JIT (Just-In-Time) Provisioning

To enable Single Sign-On (SSO) for your institution in a way that allows students and faculty to log in using their individual email addresses, JoVE offers Just-In-Time (JIT) provisioning. To implement this, your institution's IT or Information Security department must release the following three user attributes to JoVE: Email, Given Name, and Surname. This enables JoVE to automatically create user accounts during the login process.

Required User Attributes for JIT Provisioning:

JoVE requires these attributes in the following formats:

  • Email: Should be passed as: 'urn:oid:0.9.2342.19200300.100.1.3', 'email', or 'emailaddress'
  • Given Name: Should be passed as: 'urn:oid:2.5.4.42', 'firstname', 'firstName', or 'givenname'
  • Surname: Should be passed as: 'urn:oid:2.5.4.4', 'surname', or 'lastName'

Once your institution's IT or Information Security department has released the required user attributes (Email, Given Name, and Surname) for Just-In-Time (JIT) provisioning, please inform JoVE at support@jove.com. This notification allows us to promptly update the SSO integration and activate JIT provisioning.

Detailed information regarding the required user attributes for JIT can also be found in the 'Attributes for JIT' section of this external document: https://sites.google.com/view/jove-saml-data?pli=1&authuser=1

 

For any further questions or clarifications, please submit a ticket to support@jove.com.