Jump to content
Chris Goluch

365 - A sugestion

Recommended Posts

Hi Frog Team,

I have a suggestion for something that could prove very beneficial to frog. In fact during this time of remote teaching this could be a slight game changer.

 

At Broadway we are trying to do as much as we can though frog, unfortunately when it comes to remote teaching zoom is the answer. I'm not going to debate zoom vs teams here but frankly I wish we where able to use teams.

The reason we do not use teams is because the kids would have to sign in to both frog and 365 to access there class. Where as with zoom we can generate a link ahead of time and post it on frog, no zoom login required.

So, this got me thinking. Now I have recently been doing a lot of work in my personal life with oAuth for various platforms, so when it hit me i felt it was just supper obvious.

Right now you can log into frog using an active directory account, What if we could log into frog using our active directory account but instead of going via AD we went via oAuth2 on 365? This could be an additional option.

The benefit of this is now that, instead of logging into frog they now log into 365 and frog (via AD) at the same time. So, now I can embed a MS streams video, a MS teams link, an outlook calendar, (etc)...

But instead of having to sign into 365, I am all ready signed in from when i logged into the platform and now I am directly taken to the link my teacher has posted.

The benefit here on top, is that you can grab each users access and refresh tokens store them and use them to do even cooler things, but in theory you don's even need to keep these tokens unless you wish to use the MS 365 API's.

Link to post
Share on other sites

@Graham Quince I appreciate the adfs system does this, but adfs is something Microsoft are phasing out with there push for Azure. Come next year my school will be moving to azure, but we are already thinking of removing the adfs server because 365 no longer requires you to handle logins this way.

 

On top of that we have found that when dealing with multiple aliases, staff and students just get utterly confused when asked to sign in via adfs, meaning this is not a solution that we as a school would ever be allowed to implement.

I would highly recommend looking into moving to adding a 365 oAuth solution. If it where possible to write login logic with plugins I would attempt to write something up myself.

 

Thanks

Link to post
Share on other sites

Hi @Chris Goluch

I (personally) was not aware that ADFS was being phased out.  But I bet the development team know.  I'll mention it just in case.

The user experience when a school has ADFS enabled is that they either:

  • log into their network computer, open their browser (usually set with Frog as the homepage) and they are logged in straight away
  • visit Frog via their school's website, enter their username, at which point Frog redirects them to an ADFS login portal, which they then enter their password for and are sent back to Frog, all logged in.

There wouldn't need to be different login details.

I will mention your suggestion, but it is also worth using the Ideas Portal to log it and flag it up to the Product team too.

Link to post
Share on other sites
On 09/10/2020 at 12:35, Chris Goluch said:

@Graham Quince I appreciate the adfs system does this, but adfs is something Microsoft are phasing out with there push for Azure. Come next year my school will be moving to azure, but we are already thinking of removing the adfs server because 365 no longer requires you to handle logins this way.

 

On top of that we have found that when dealing with multiple aliases, staff and students just get utterly confused when asked to sign in via adfs, meaning this is not a solution that we as a school would ever be allowed to implement.

I would highly recommend looking into moving to adding a 365 oAuth solution. If it where possible to write login logic with plugins I would attempt to write something up myself.

 

Thanks

Hi @Chris Goluch

I've spoken with some of our senior developers.  Microsoft are not phasing out ADFS.  As far as we all know, there have been no statements made to that effect.  There is a growing sentiment among IT bloggers that ADFS should come to an end, but that is not the same. 

Having said that, we also offer Azure simple-sign-on.  This authentication method does require you to sign into Frog, but once signed in, you can open any other systems without having to sign in again. (provided these have been configured to use Azure).

Graham

 

 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...