Introduction
The Brainfuse single sign-on service is a simple integration mechanism that allows Brainfuse clients who use their own authentication mechanism to sign their users directly into the Brainfuse Learning Suite. The integration is accomplished by embedding a dynamically-generated Integration URL into the client's LMS. Brainfuse generates the Integration URL(s) soon after receiving the client's setup specifications.
Authentication
The Brainfuse integration URL is typically secured by using OAUTH 1.0 Authentication. Brainfuse will provide the URL, consumer key and consumer secret to be used with OAuth 1.0 protocol.
Libraries
Integration URL
The Integration URL is generally dynamically generated at the time the user clicks on the Brainfuse link. The URL is composed of the landing page URL along with the brainfuseServiceURI(optional) and the url parameters.
http://landing.brainfuse.com/[brainfuseServiceURI/]index.asp?<url parameters>
Definitions
brainfuseServiceURI
brainfuseServiceURI is an optional parameter that identifies the service requested so that the user can be directly redirected to the service URL. If the serviceURI is omitted, the user will be redirected to the account home page. The possible values for the service URI can be one of the following:
• test: For accounts that opt into the Test Center service. This URI will direct the user to the Test Center service.
• helpnow: For accounts that opt into the HelpNow and JobNow services. This URI will direct the user to the HelpNow service homepage.
• jobnow: For accounts that opt into the JobNow and JobNow services. This URI will direct the user to the JobNow service homepage.
• writinglab: For accounts that opt into the Writing Lab services. This URI will direct the user to the writing lab services.
URL Parameters:
URL parameters provide the main communication method with the Brainfuse single sign-on system. The parameters in bold are required, others are optional but recommended to ensure a better user experience.
· user_id: (Required if using single sign-on system) The userId consists of up to 50 alpha-numeric characters. The userId must be unique for the currently logged in user on the client system of the branch or sub-entity to which the user belongs.
· lis_person_name_fname : The first name of the currently logged on user on the client system. Another name of the parameter can also be lis_person_name_given
· lis_person_name_lname: The last name of the currently logged on user on the client system. Another name for this parameter is lis_person_name_family
· lis_person_contact_email_primary: The email address of the currently logged on user on the client system.
The OAUTH specification requires the entity generating the URL to include few parameters in the request namely:
Examples:
https://landing.brainfuse.com/index.asp?user_id=213123&lis_person_name_full=kcts+kcts&lis_person_name_fname=kcts<i_message_type=basic-lti-launch-request&launch_presentation_document_target=window&resource_link_id=12345&oauth_callback=about%3Ablank&tool_consumer_instance_guid=9E22137B&lis_person_name_family=kcts&lis_person_contact_email_primary=&tool_consumer_instance_description=&launch_presentation_locale=en_US&launch_presentation_return_url=http%3A%2F%2Fbb.dev.trustforte.com%2Fwebapps%2Fbfus-BrainfuseSSO-BBLEARN%2Ftools.jsp%3Fcourse_id%3D_3_1%26id%3D32432&context_type=CourseSection&lis_person_name_given=kcts<i_version=LTI-1p0&tool_consumer_instance_url=http%3A%2F%2Fbb.dev.trustforte.com&tool_consumer_instance_name=&lis_person_name_lname=kcts&resource_link_title=KCTS&oauth_consumer_key=9E22137B&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1330638202&oauth_nonce=1344726845579987&oauth_version=1.0&oauth_signature=mBUQAFKLsvz3KKAvv8tREurz2jo%3D
This URL will register or login the user with the id 213123 into the main subdivision of the of the Demo client and then redirect the client to the service home page.
Brainfuse side of the Integration
Once the user clicks on the integration URL, the system will look up a user with the unique user id provided. If a user exists on the Brainfuse side, the system automatically logs the user into the Brainfuse system and brings them to the homepage or to the Brainfuse service specified in the URL.
If the userId was not found:
1. If the account is setup to prompt the user with the landing page, the system will prompt the user to either connect to an existing Brainfuse account or create a Brainfuse account with information not provided in the URL.
If the user clicks Save they will not be prompted again with this page. If the user clicks Skip and Proceed, they will be prompted again upon visiting the Integration URL. The user also has an option to connect their client userId to an existing Brainfuse username and password.
2. If the account setup is setup not to show a landing page and most accounts do, the user will be directed into our home page directly and they will see the Brainfuse Services launch page immediately.