SSO Platform Integration

SSO Platform Integration

International School

The client:

An international school organization which operates over 20 schools in Hong Kong.

Benefits of SSO:

Improve efficiency – users able to access multiple applications by using a single password; enhance user experience and access applications efficiently

Reduce IT helpdesk calls – ease support on password reset and change management

Enhance Security – better overall security control with Identity and Access Management (IAM) deployment

Project background:

The client had implemented different systems for students and teachers in last 10 years and these systems were with different vendors with different versions and hosted and operated on isolated platforms. It’s inconvenient for the staffs to login different systems for routine tasks. Also, the existing architecture is difficult for IT operation and management. The client would like to rearchitect and have centralize management by headquarter thereafter.

Our service:

Most of their schools are using Google G Suite classroom for teaching while having separated systems hosted on Microsoft Azure for staffs including on-premises Active Directory, HR, and payroll system. We helped the client to integrate different platforms with Single Sign On (SSO) to ease the burden on operation and management.

Project challenges:

The client has multiple domains and different systems operating, we had faced different challenges during the integration of multiple isolated platforms into single managed platform.

Domain – The client using different domain names with various legacy internal system between schools.

Unsupported version – Schools using different version of Windows Server and Active Directory and some versions were no longer supported. In addition, some internal system had developed over 10 years and do not support SSO protocols such as SAML/ OAuth 2.0. Consultancy service to rearm existing internal system in order to support Single Sign On.

Deployments by phase – The project involved more than 20 schools with numerous users. The deployment and system switching was suggested by phase to minimize any risks on routine.

Automatic account creation – To ease the operation and management, a new onboarding system is developed to provide single user interface for new user account creation and the permission granted.

• COMPLETED

  19 Feb 2017