Firefly: how to configure parent logins
Firefly is a supported single sign-on provider which can be used to facilitate logins for parents, thereby replacing the parent detail style login. This guide goes through the setup of Firefly logins.
NOTE: This guide assumes you are syncing your data with a management system. We don't support login via Firefly without a management system.
How is login facilitated?
Logins using Firefly are facilitated using the email address in Firefly and SchoolCloud Parents Evening. At log in a parent clicks a Log in with Firefly button.
This sends a request to Firefly who respond to us with the email address of the user who (provided they managed to log in) successfully logged in. If that provided email address matches one of the addresses in the Data > Parents > Select parent > Email synced with management system section of SchoolCloud, the system will log the parent into that account.
In order to support Firefly logins for parents, you must ensure that:
- Email addresses used in Firefly are unique.
- The email addresses from Firefly match one or no account(s) in your management system. Duplicates could result in incorrect logins. If no account match, that parent won't be able to log in which could be a desired effect.
- The "Can set task" permission is only turned on for parents who happen to be teachers at the school too. "Can set task" is the way we check accounts from Firefly are capable of logging in as teachers so there is a danger such a parent could log into the teacher panel instead if their email matches.
If you're using a locally hosted version of Firefly, please also ensure that:
- Your NAT rules are configured to allow forward public web traffic to the correct the expected Firefly site.
- Your hardware and software firewalls are configured to allow bidirectional access from our IPs. Our IPs are 22.214.171.124, 126.96.36.199 and 188.8.131.52 .
- If you have threat detection on your network (such as Arbor), make sure whoever manages it is aware that they may see lots of requests from public IPs soon. Some detection systems will require some training for that and for parental logins in particular this will be more important.
It's especially important that the school has up-to-date records for the parent's email addresses. These must be kept matching in both Firefly and your management system otherwise parents may run into login issues. It is especially important that your staff know how to handle inabilities to log into parental accounts so it's a good idea to circulate steps to spot/correct problems like that before setting up parental logins. It's also worth making sure you have more than one contact who's able to make changes to email addresses for parents in both systems.
Turning on Firefly authentication for parents
To turn on Firefly authentication, just follow these steps:
- In the administrator dashboard, click Settings.
- Select Parent Authentication then select Firefly under the Single Sign-On section.
- In the Firefly URL box, enter your Firefly URL. The URL might be something like https://schoolname.fireflycloud.net but you can have locally hosted instances of Firefly.