iSAMS: parent SSO with the iSAMS Parent Portal
Setting up the iSAMS Parent Portal as your method for authenticating parents allows them to log in to Tes Parents' Meetings via the portal, instead of by entering their details. Parents are matched using their email address in iSAMS (also known as IRIS Ed:Gen) and in Tes Parents' Meetings.
Please note: the iSAMS Parent Portal will not work alongside Wonde integration
To set it up please follow these steps
- Within iSAMS, create an SSO client with the following fields:
- Client ID
- Client Secret
a. Details Tab
- Client ID: schoolcloud
- Client Name: School Cloud Systems Auth Client for Parent Portal
- Client URI: https://www.schoolcloudsystems.co.uk/
- Login Screen: SAMS.Portal.Parent
- Backchannel Logout URI: https://auth.parentseveningsystem.co.uk/Providers/Isams/Logout
- Access Token Type: Select "Reference" from dropdown.
- Check the box next to Hybrid Flow is checked
- Ensure Authorization Code Flow is NOT checked
- Ensure Require PKCE is NOT checked
b. Scopes Tab
- Add the following:
- Openid (should already be added)
- profile
c. Whitelist URIs Tab
- Add the following 3 URIs making sure to select the correct type for eachj (replace "<school_cloud_url>" with your own schools unique school cloud link):
- https://auth.parentseveningsystem.co.uk/Providers/Isams/Callback | Allowed Post Login Redirect URI
- https://<school_cloud_url>.schoolcloud.co.uk | Allowed Post Logout Redirect URI
- https://auth.parentseveningsystem.co.uk | CORS Enabled Origin
d. Click "Save & Close", make sure to note down your Client and Client Secret that will be displayed. These credentials cannot be retrieved again, so it is essential to store them securely.
Here is some extra guidance to help with obtaining these details: https://support.isams.com/hc/en-us/articles/24290362090770-Single-Sign-On-Using-iSAMS-as-an-Identity-Provider
2. Once you have the details of your iSAMS SSO Client ID & Client Secret, go to Settings > Parent Authentication and choose iSAMS Parent Portal
Enter the details sent from iSAMS in the boxes that will appear underneath.
In the Authority field, type in your iSAMS web address with "/auth" at the end, then click save.
When these fields have been completed and your parents go to log in, instead of being asked for their details they will see a button which says 'Log in with iSAMS'.
On clicking the button they are taken to the iSAMS login page. Once they have logged into iSAMS, they are then taken directly into Tes Parents' Meetings.