SAML FAQs

Security Assertion Markup Language (SAML) is an Extensible Markup Language (XML) standard that allows a user to log on once for affiliated but separate web sites. 

 

Q. How long does SAML take?

  1. Generally, SAML takes ten business days from the time that we receive all the required information until the time of completion and testing.

    Note: This timeline is dependent upon continued, prompt communication from the institution’s IT department for troubleshooting.

 

Q. What type of SAML do you support?

  1. We support systems using SAML 1.0 and SAML 2.0 with an IDP.

 

Q. Does ExamSoft belong to any SAML Federations?     

  1. No, ExamSoft does not currently belong to any SAML federations. 

 

Q. What type of SAML IDPs do you use and/or work with?

  1. We use a custom implementation of SAML that was built using commonly used, open-source implementation methods. Our implementation of SAML was built to work well with multiple IDPs, including Shibboleth.

 

Q. What is required of the institution when setting up SAML?

  1. The institution must complete the SAML Addendum. The institution is responsible for importing exam-taker data into the ExamSoft portal ensuring that the External ID entered in ExamSoft matches the exam-taker’s Name ID provided through SAML by the institution. The institution is also responsible for adding user accounts and their exam-taker ID into the ExamSoft portal. 

 

Q. Does ExamSoft store any of our passwords on their servers?

  1. No, the only information stored in our databases is the IDs imported by the institution. SAML's authentication is handled by the IDP, and ExamSoft doesn’t see any sensitive information.

 

Q. What is the implementation process for establishing a SAML integration?

  1. An Implementation Specialist will contact you and provide our metadata URL and request your metadata for import. We will also request credentials for testing against our test environment to ensure a smooth integration. After successful testing, we will import your metadata into your ExamSoft database and the integration will be complete.

 

Q. Does SAML work for the application and the website?

  1. Yes, SAML is used for the Examplify as well as for the web-portal log-in information. When an exam-taker attempts to log in via the application, a browser window will open, and they will automatically be forwarded to the IDP login-page. After successful authentication, the browser window will close, and access will be granted to the application. 

 

Q. Why do you need a test username and password for exam-takers and exam-makers or admins?

  1. Having test credentials on file allows us to complete initial testing on the integration. These credentials also allow us to test any reported downtime or outages to get those issues resolved immediately. The test account for exam-takers and admin users should be provisioned just like their production counterparts. 

 

Q. How does ExamSoft know the External ID for the exam-takers and exam-makers or admins?

  1. For exam-takers, the Name ID provided by the institution should match the external ID in the ExamSoft portal. We recommend using the EPPN for this. For exam-makers or admins, an additional field will be available from the user page for you to add the external ID for each user once SAML is enabled. This will need to be completed prior to that user being able to log in. 

 

Q. What is the exam-taker ID field for if the External ID is the field used to communicate with SAML?

  1. The exam-taker ID should be an identifiable ID associated with the exam-taker. This ID will be present when looking at exam-taker grades or running reports. This ID is not editable, and if you ever opt to not use SAML authentication, this is the ID that exam-takers would then use to log in. 

 

Q. Why is there still a required password field when setting up new users or exam-takers in ExamSoft if you will be authenticating with the IDP?

  1. The password field in ExamSoft is a place-holder field and is not used during the authentication process. If you opt to disable the SAML integration, this password would become the new active password. 

 

Q. Must domains for exam-makers or admins and exam-takers be the same for SAML integration?

  1. Yes.

 

Q. Does ExamSoft support LDAP?

  1. Yes, please see our LDAP FAQs article for more information. 

 

Q. How do I start the process of having SAML enabled for my institution?

  1. Speak with your Customer Success Specialist or Implementation Consultant, and complete the SAML JotForm for your portal. 

Was this article helpful?
1 out of 1 found this helpful

Articles in this section