Security

After configuring ParentSquare as a SAML service provider, permission can be given by User or Group/Portal Group.


Configuration

For the initial setup, ParentSquare needs to be configured as a SAML Service Provider. Work with ParentSquare to complete the configuration per the SAML documentation.


  1. (ParentSquare) After the district is created in ParentSquare, SAML Links are provided to the district.
  2. (District) Sets up the SAML Configuration and provides the meta-data URL back to ParentSquare
  3. (ParentSquare) Completes the configuration by putting in the certificate details to complete security setup for SSO
  4. (District) Test SSO


ParentSquare Provides the SSO URL’s

ParentSquare provides the following two URLs to the district


Entity_id URI:  https://www.parentsquare.com/saml/<district_identifier>/metadata

Asserting Consumer Service URLhttps://www.parentsquare.com/saml/<district_identified>/consume


Example:

https://www.parentsquare.com/saml/eagle/metadata

https://www.parentsquare.com/saml/eagle/consume


District configures SAML (documentation here)

Note: When you add the Service Provider.  Please use the following settings


1. Display Name:  ParentSquare  (need to exactly match this)

2. Enter the Entity Id URI and Assertion Consumer Service URL as provided.

3. Check the Sign SAML Response? and Allow Aeries to Initiate SSO? boxes.

4. Hit save


5. Provide the metadata URL back to ParentSquare.



ParentSquare Updates the Security Configuration

After the meta-data url has been provided, ParentSquare will update the security configuration and the system should be ready for testing SSO.


API Certificate

ParentSquare will need access to the District API to pull the Students, Users, Staff, Classes etc.  You may use an existing certificate or create a new one.  Instructions for creating an API certificate are here.


You may use the ParentSquare-Aeries field mapping as a guide for giving the proper permissions to ParentSquare