© 2018 Capita Business Services Ltd. All rights reserved.

Capita Education Software Solutions is a trading name of Capita Business Services Ltd. Our Registered office is 30 Berners Street, London, W1T 3LR and our registered number is 02299747. Further information about Capita plc can be found in our legal statement.

Single Sign On - Using SIMS ID

Why use SIMS ID SSO

SIMS ID can provide federated authentication services to your product providing a single sign-on (SSO) experience to joint customers, allowing them to use their familiar username and password to access your product and seamlessly switch between SIMS Online Products and your product.

This removes the barrier to access, and reduces administration overhead associated with the adoption of a new service with its accompanying usernames and passwords.

A Standards-based approach

SIMS ID provides OAuth 2.0, OpenID Connect and SAML 2.0 authentication services, recognised standards and protocols.

SIMS ID maintains additional OIDC information, such as additional scopes that can be requested to provide additional options to an integrated system.

This information is updated periodically and circulated on ratification to current SIMS ID Technical Integrators. Any breaking changes within the specification will be depreciated over one revision of the specification with a minimum six month grace period.

Download the SIMS OPENID CONNECT SPEC V3.0.4

Is this Authentication or Authorisation?

SIMS ID is only responsible for Authentication. Your application is responsible for Authorisation.

OIDC (OpenID Connect)

When using OIDC, SIMS ID can return a number of attributes for the user in the identity token (id_token), ranging from simply the site(s) they are associated with through to the more complex person and relationship data.  This data can help you make an informed authorisation decision or route the user post-authorisation to appropriate access pathways.

SAML 2.0

When using SAML, SIMS ID can return a number of attributes for the user in the assertion, ranging from simply the site(s) they are associated with through to the more complex person and relationship data.  This data can help you make an informed authorisation decision or route the user post-authorisation to appropriate access pathways.

OAuth/OIDC Endpoints

Authorisation Endpoint

Token Endpoint

UserInfo Endpoint

Discovery Endpoint

Logout Endpoint

Token Revocation Endpoint

Access Token Validation Endpoint

Identity Token Validation Endpoint

Other OAuth/OIDC Information

Refresh Tokens

Register as a Technical Integrator

Click Here to register

 

 

Capita Identity and Access Management RESOURCES

Related resources for Capita Identity and Access Management

Single Sign On - Using SIMS ID

Authentication services for your product providing a single sign-on (SSO) experience to joint customers.

Explore

Capita Identity and Access Management

Capita IAM services are based around SIMS ID (in education) and Capita ID for non-education applications. Both platforms provide Identity and Access management and are based around industry standard, best practice applications. Service include OAuth2.0, OpenID Connect, SAML 2.0 integration services for Authentication User, role and group management is provided as part of the service as is inbuilt multifactor authentication. The IAM service supports direct user credential management through data ingestion, direct UI entry, and secure invite methodologies. Federated third-party identity providers are also supported.

Explore