SAML Integration FAQs

June 29, 2016 Rex McWilliams

SAML (Security Assertion Markup Language) is an Extensible Markup Language (XML) standard that allows a user to log on once for affiliated but separate Web sites. 

How long does SAML take?
Generally, SAML takes 10 business days from the time that we receive all the required information until the time of completion and testing. Keep in mind this timeline is dependent upon continued, prompt communication from the institution’s IT department for troubleshooting.

What type of SAML do you support? 
We support systems using SAML 1.0 and SAML 2.0 with an IDP.

Does ExamSoft belong to any SAML Federations?                                                                     No, ExamSoft does not currently belong to any SAML Federations. 

What type of SAML IDPs do you use and/or work with? 
We use a custom implementation of SAML that was built using commonly used open-source implementation methods. Our implementation of SAML was built to work well with multiple IDPs, including, but not limited to, Shibboleth.

What is required of the institution when setting up SAML? 
The institution must complete the SAML Addendum. The institution is responsible for importing student data into the ExamSoft portal ensuring that the External ID entered in ExamSoft matches the student’s NameID provided through SAML by the institution. The institution is also responsible for adding user accounts and their Student ID into the ExamSoft portal. 

Does ExamSoft store any of our passwords in their servers?
No. The only information stored in our databases is the IDs imported by the institution. SAML is authentication is handled by the IDP and ExamSoft doesn’t see any sensitive information.

What is the implementation process for establishing a SAML integration? 
An Implementation Specialist will contact you and provide our metadata URL and request your metadata for import. We will also request credentials for testing against our test environment to ensure a smooth integration. After successful testing, we will import your metadata into your ExamSoft database and the integration will be complete.

Does SAML work for the application and the website? 
Yes. SAML is used for the SofTest Application as well as for the web-portal log-in information. When a student attempts to log in via the application a browser window will open and they will automatically be forwarded to the IDP login-page. After successful authentication the browser window will close and access will be granted to the application. 

Why do you need a test username and password for student and faculty users? 
Having test credentials on file allows us to complete initial testing on the integration. These credentials also allow us to test any reported downtime or outages to get those issues resolved immediately. The test account for students and admin users should be provisioned just like their production counterparts. 

How does ExamSoft know the External ID for the students and faculty? 
For students, the NameID provided by the institution should match the external ID in the ExamSoft portal. We recommend using the EPPN for this. For faculty and users, once SAML is enabled, an additional field will be available from the user page for you to add the external ID for each user. This will need to be completed prior to that user being able to log in. 

What is the Student ID field for if the External ID is the field used to communicate with SAML? 
The Student ID should be an identifiable ID associated with the student. This ID will be present when looking at student grades or running reports. This ID is not editable, and if you ever opt to not use SAML authentication, this is the ID that students would then use to login. 

Why is there still a required password field when setting up new users or students in ExamSoft if you will be authenticating with the IDP? 
The password field in ExamSoft is a place-holder field and is not used during the authentication process. If you opt to disable the SAML integration, this password would become the new active password. 

Must domains for faculty and students be the same for SAML integration?            
Yes.

Does ExamSoft support LDAP? 
Yes, please see our LDAP FAQs for more information. 

How do I start the process of having SAML enabled for my institution? 
Speak with your Customer Success Specialist or Implementation Consultant, and complete the SAML Specifications form. 

 
Previous Article
Examplify: Installing and Registering
Examplify: Installing and Registering

This guide will review the steps for downloading, installing, and registering Examplify Beta onto your mach...

Next QRG
LDAP FAQs
LDAP FAQs

This FAQ guide will answer many common questions regarding LDAP integration with ExamSoft's products.